Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Newbie Infected With 888.com, Cassava, Winfixer And Various Other Pop-ups


  • This topic is locked This topic is locked
14 replies to this topic

#1 daviebowie007

daviebowie007

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 01 February 2006 - 03:19 PM

Hi there, wondering if someone can help. I keep getting pop-ups for 888.com, Cassava, Ringtone, Winfixer and various other pages in Internet Explorer. I have run all the recommended scans before doing a Hijack This log, all of which have come up clean.

My log file is as follows:

Logfile of HijackThis v1.99.1
Scan saved at 20:13:48, on 01/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL$ACT7\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\Tmas\tmas.exe
C:\Documents and Settings\Davie\Desktop\Office & Admin Utilities\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.btbroadbandstart.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.btbroadbandstart.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.btbroadbandstart.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.btbroadbandstart.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dixons.co.uk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile - {D5233FCD-D258-4903-89B8-FB1568E7413D} - mscoree.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [CU2] C:\Program Files\Common Files\VCClient\VCMain.exe
O4 - HKCU\..\Run: [CU1] C:\Program Files\Common Files\VCClient\VCClient.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Attach Web page to ACT! contact - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
O9 - Extra 'Tools' menuitem: Attach Web page to ACT! contact... - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.dixons.co.uk/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe/accounttracking.cab
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/...tail/DASAct.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?326
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O16 - DPF: {FE92AB74-9968-49C4-A8EF-244A294C2E28} (CheckActiveX.Class1) - https://projects.buildonline.com/activeX/CheckActiveX.CAB
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Can someone please help me rid my PC of this inconvenience.

Eternally grateful,

Daviebowie007.

BC AdBot (Login to Remove)

 


m

#2 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:50 PM

Posted 01 February 2006 - 04:57 PM

Click here to download ewido anti-malware - it is a trial version of the program.
  • Install ewido.
  • When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
  • Launch ewido, there should be an icon on your desktop double-click it.
  • The program will now go to the main screen.
You will need to update ewido to the latest definition files.
  • On the left hand side of the main screen click update
  • Then click on Start Update
The update will start and a progress bar will show the updates being installed. Then:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin (do not open any folders or open the windows control panel while the scan is in progress).
  • While the scan is in progress you will be prompted to clean files, click OK
  • When it asks if you want to clean the first file, put a check in the lower left corner of the box that says "Perform action on all infections" then choose clean and click OK.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop.
Now close ewido.

Rescan with HJT and post a new log here together with the ewido log so that any remnants can be removed manually.
Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#3 daviebowie007

daviebowie007
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 02 February 2006 - 06:14 AM

Hello again, have run a full scan with Ewido and performed another Hijack This scan. The results are shown below:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 10:59:57, 02/02/2006
+ Report-Checksum: 165B9408

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup
C:\Documents and Settings\Davie\Cookies\davie@2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Davie\Cookies\davie@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Davie\Cookies\davie@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Davie\Cookies\davie@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\UWA6P_0001_N56M1011NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.c : Cleaned with backup
C:\WINDOWS\wmsetup.log:pplha -> Downloader.Agent.td : Cleaned with backup


::Report End



Logfile of HijackThis v1.99.1
Scan saved at 11:10:53, on 02/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL$ACT7\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Davie\Desktop\Office & Admin Utilities\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.btbroadbandstart.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.btbroadbandstart.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.btbroadbandstart.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.btbroadbandstart.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dixons.co.uk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile - {D5233FCD-D258-4903-89B8-FB1568E7413D} - mscoree.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [CU2] C:\Program Files\Common Files\VCClient\VCMain.exe
O4 - HKCU\..\Run: [CU1] C:\Program Files\Common Files\VCClient\VCClient.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Attach Web page to ACT! contact - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
O9 - Extra 'Tools' menuitem: Attach Web page to ACT! contact... - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.dixons.co.uk/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe/accounttracking.cab
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/...tail/DASAct.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?326
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O16 - DPF: {FE92AB74-9968-49C4-A8EF-244A294C2E28} (CheckActiveX.Class1) - https://projects.buildonline.com/activeX/CheckActiveX.CAB
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


Any help you can give is most appreciated.

Daviebowie007.

#4 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:50 PM

Posted 03 February 2006 - 01:57 AM

Make sure that you have no browser windows open as this could prevent the fix from working properly. Open HijackThis, scan and when complete, remove the following entries by checking the box to the left and clicking 'fixed checked':

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O2 - BHO: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile - {D5233FCD-D258-4903-89B8-FB1568E7413D} - mscoree.dll (file missing)
O4 - HKCU\..\Run: [CU2] C:\Program Files\Common Files\VCClient\VCMain.exe
O4 - HKCU\..\Run: [CU1] C:\Program Files\Common Files\VCClient\VCClient.exe
O9 - Extra button: Attach Web page to ACT! contact - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
O9 - Extra 'Tools' menuitem: Attach Web page to ACT! contact... - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)


Exit HijackThis when done. Reboot into Safe Mode by tapping F8 after the BIOS has loaded. Using Windows Explorer, find and delete the following:

C:\Program Files\Common Files\VCClient <-- folder

Exit Explorer and reboot into Normal Mode. Rescan with HijackThis and post a new log here.
Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#5 daviebowie007

daviebowie007
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 03 February 2006 - 04:36 AM

Hi again, did as you asked although there was no C:\Program Files\VCClient folder on the computer. I did a search and found VCClient.exe.config in Documents and Settings, which I sent to the Recycle Bin. After doing this the Hijack This log reads:

Logfile of HijackThis v1.99.1
Scan saved at 09:30:32, on 03/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL$ACT7\Binn\sqlservr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Davie\Desktop\Office & Admin Utilities\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.btbroadbandstart.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.btbroadbandstart.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.btbroadbandstart.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.btbroadbandstart.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dixons.co.uk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.dixons.co.uk/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe/accounttracking.cab
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/...tail/DASAct.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?326
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O16 - DPF: {FE92AB74-9968-49C4-A8EF-244A294C2E28} (CheckActiveX.Class1) - https://projects.buildonline.com/activeX/CheckActiveX.CAB
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


Thanks for your continued help and support.

Davidbowie007.

#6 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:50 PM

Posted 03 February 2006 - 11:52 AM

Looks better - how is it running now?
Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#7 daviebowie007

daviebowie007
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 03 February 2006 - 02:45 PM

Still getting the pop-ups I'm afraid. Any suggestions?

Daviebowie007.

#8 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:50 PM

Posted 03 February 2006 - 03:06 PM

Download and save blacklight to your desktop. Doubleclick blbeta.exe, accept the agreement, click scan > next.

You'll see a list of all the items it found. There will also be a log on your desktop with the name fsbl.xxxxxxx.log (where xxxxxxx represents numbers). The application finds both bad files and legitimate ones. Copy and paste the log it generated in your next reply.
Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#9 daviebowie007

daviebowie007
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 04 February 2006 - 06:48 AM

I have done as you asked and here is the resulting blacklight log file:

02/04/06 11:29:57 [Info]: BlackLight Engine 1.0.30 initialized
02/04/06 11:29:57 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/04/06 11:29:57 [Note]: 7019 4
02/04/06 11:29:57 [Note]: 7005 0
02/04/06 11:29:59 [Note]: 7006 0
02/04/06 11:29:59 [Note]: 7011 1240
02/04/06 11:29:59 [Note]: 7018 1704
02/04/06 11:29:59 [Info]: Hidden process: C:\WINDOWS\SYSTEM32\SPDVICAP.EXE
02/04/06 11:29:59 [Note]: 7018 1948
02/04/06 11:29:59 [Info]: Hidden process: C:\PROGRAM FILES\INSASSIC\SORWRITE.EXE
02/04/06 11:29:59 [Note]: FSRAW library version 1.7.1014
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\ace.dll
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\AI_01-02-2006.log
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\AI_02-02-2006.log
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\AI_03-02-2006.log
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\AI_04-02-2006.log
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\AI_29-01-2006.log
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\AI_30-01-2006.log
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\AI_31-01-2006.log
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000029_43958d16_0005b8d8
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43be8946_000a7d8c
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43c0f6fb_000baeb9
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43c0f776_00098968
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000491c_43969fb8_000b34a7
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000018be_43c93fc5_0004c4b4
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000018be_43be8946_000c28cb
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000187e_43c274f7_0007de29
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001916_43c27ad7_0001ab3f
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001916_43d4c862_0003567e
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001916_43de38ee_00044aa2
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001916_43df82c9_0009c671
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001916_43e0b4f6_0003d090
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001916_43e0ffc0_00031975
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001953_43c27bbc_00039387
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001953_43d4c910_00098968
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001953_43de56e3_000e1113
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001953_43df844b_000ca2dd
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001953_43e1037c_000632ea
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000019d9_43c288f3_0002dc6c
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006784_43be5f92_000ca2dd
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006784_43be8951_0006acfc
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006899_43c12955_00090f56
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006899_43cb7705_000c28cb
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006899_43cf9ff8_0007a120
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006899_43d4c6e6_000e4e1c
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006899_43d539b1_0005f5e1
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006899_43da5a79_0000b71b
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006899_43de3818_000632ea
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006899_43df5ef0_0003567e
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006899_43e0b199_0003d090
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006899_43e0fc24_000c28cb
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000068f5_43c28ff5_000bebc2
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000054de_43d89917_00066ff3
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000054de_43d92217_000a7d8c
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000054de_43da843d_000bebc2
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000054de_43db620f_00081b32
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000054de_43dcd2d9_00098968
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000054de_43dddeb8_000e1113
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000054de_43e0c04d_00081b32
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:01 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000054de_43e10c35_000632ea
02/04/06 11:30:01 [Note]: 7002 0
02/04/06 11:30:01 [Note]: 7003 1
02/04/06 11:30:01 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000054de_43e1e718_000b34a7
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000054de_43e1fbd9_000cdfe6
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000054de_43e31f6c_00003d09
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000054de_43e38ccd_000d1cef
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000054de_43e3b272_00044aa2
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000054de_43e4902f_0001312d
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000054de_43cb65f3_000e4e1c
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000054de_43be6578_0007de29
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000054de_43c10616_0007a120
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005579_43c28a1d_000d1cef
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000056ae_43a40320_000d9701
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000056ae_43c1082a_0006ea05
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000056ae_43c2551c_0004c4b4
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000056ae_43c50c73_0002625a
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000056ae_43c7cf18_00016e36
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000056ae_43cb66a0_0002625a
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000056ae_43cf979b_000c65d4
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000056ae_43d52799_00066ff3
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000390c_43dcd296_00000000
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000390c_43dddbff_00003d09
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000390c_43df4672_000b34a7
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000390c_43e07b46_00039387
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000390c_43e0bf26_00081b32
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000390c_43e10b2d_000e8b25
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000390c_43e1e6a4_0001ab3f
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000390c_43e1f43d_0007270e
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000390c_43e31f28_000f0537
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000390c_43e386df_00007a12
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000390c_43e3b239_000cdfe6
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000390c_43e49002_0005b8d8
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000039b3_43989a15_0002625a
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000029_4396a665_0002dc6c
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000029_43be893e_0007a120
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000029_43c8122b_0008583b
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000029_43d26e50_000c65d4
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000029_43da601d_000d1cef
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000099_4396ae70_000aba95
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000099_43bada42_000632ea
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000099_43cbf5a7_000b71b0
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000120_43d527b5_000cdfe6
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000124_43a40242_00094c5f
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000124_43cbf5a9_000e4e1c
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000001d3_43d4ca25_0006ea05
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000001eb_43980d64_00044aa2
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000001eb_43c4db8a_0005b8d8
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000001eb_43d521b1_00057bcf
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000001eb_43dcd271_0000f424
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000030a_43c50c5c_00053ec6
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000633_43d4cbd1_0007270e
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000732_43d52799_000f0537
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000074d_43cbf714_0002dc6c
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000074d_43c0f6d8_00039387
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43b931e9_00098968
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43bd99ef_0006acfc
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43be6252_00076417
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43be8990_00022551
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43c0f248_0007270e
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43c24642_000ec82e
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43c4db32_0003567e
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43c61309_0001312d
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43c6cf98_0001ab3f
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43c76e56_000ec82e
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43c7cd3f_00016e36
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43c7d1e1_00090f56
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43c93fe6_000aba95
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43ca2e47_00007a12
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43cb63d7_0004c4b4
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43cbf39a_000c65d4
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43ccae03_000ca2dd
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43cce378_000baeb9
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43cd07f8_0000f424
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43cf71c8_000501bd
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43d123d5_000af79e
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43d135a5_00090f56
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43d27020_00098968
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43d383b1_00003d09
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43d4a332_000a037a
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43d520b8_000d59f8
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43d8965f_000ca2dd
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001649_43d9189c_0000b71b
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00002cd6_43be5fbd_00066ff3
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00002cd6_43c0f212_000632ea
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000001eb_43e31f13_00029f63
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005f32_43e24dec_00098968
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004ae1_43980b76_00000000
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000030a_43b69564_00029f63
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000030a_43bda2d8_00040d99
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000030a_43c107ee_0006acfc
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000030a_43c6d51d_0001e848
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000030a_43c7cf08_000bebc2
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000030a_43cb6691_000cdfe6
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000030a_43cd5eec_00081b32
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000030a_43cf9793_000a7d8c
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000030a_43d4c04b_000a4083
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000030a_43d8e67b_000c65d4
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000030a_43da58a0_000af79e
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:02 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000030a_43da850c_00031975
02/04/06 11:30:02 [Note]: 7002 0
02/04/06 11:30:02 [Note]: 7003 1
02/04/06 11:30:02 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000030a_43dbad11_00003d09
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000030a_43dcd3ca_0006acfc
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000030a_43e0a105_00040d99
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000384_43d4c8c3_000c28cb
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000384_43de38f4_000cdfe6
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000384_43df8313_00089544
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000384_43e10057_000aba95
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000066c4_43da59a0_000a4083
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000066c4_43dbb1a3_000bebc2
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000066c4_43dcd756_000f0537
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000066c4_43de36df_0008d24d
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000066c4_43e0b0a3_0009c671
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000066c4_43e0ef6b_0002625a
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000066fa_43d4cf51_000a4083
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000066bb_43be669f_000e1113
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000066bb_43c106f7_0006ea05
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000066bb_43c6d3f7_000aba95
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000066bb_43c77779_00044aa2
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006732_43c288d4_00094c5f
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006732_43d4c9b5_00000000
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006732_43dfc953_00076417
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006784_43958d1a_0002625a
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004cad_43cf9e96_000632ea
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004a80_43de3812_0007a120
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004ae1_43e0be63_000ec82e
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43e1271c_0005b8d8
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000124_43c7747e_000cdfe6
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000124_43d89852_0007270e
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00002d12_43c6d39d_000d59f8
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000026ca_43d4c6c7_000a037a
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00007ff5_43c253a4_000b71b0
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005f32_43dcd408_00044aa2
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000797d_43da596c_00039387
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43df2429_0003d090
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000018be_43db515a_000d9701
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005cfd_43dbad2a_000501bd
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000066bb_43e3b293_00090f56
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005db2_43d53add_000c65d4
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004509_43ddfa76_000e1113
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004d06_43da8432_0000f424
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000012e1_43a7ee01_000e8b25
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004230_43da59a7_00044aa2
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005f90_43cce367_000dd40a
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006b36_43d4c156_00066ff3
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000022ee_43e0d91c_0004c4b4
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000015a1_43da59ab_000a037a
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000015a1_43dbb1b8_000d1cef
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000015a1_43de36fa_000d59f8
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000015a1_43df5934_00040d99
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000015a1_43e0b0d2_000bebc2
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000153c_43d8983d_000d59f8
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001547_43d89912_000d9701
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000153c_43be63bd_0006acfc
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001547_43be6571_0005b8d8
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001643_43c28a21_00094c5f
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005fa4_43dfad95_0000b71b
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005fa4_43e10393_00089544
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005f90_43bd99eb_00040d99
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005f90_43be622f_0000f424
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005f90_43be8990_0000f424
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005f90_4396b1b7_00090f56
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006032_439f107a_0007a120
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006032_43c109c9_000dd40a
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006032_43c26955_000e1113
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006032_43c7d00f_00076417
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006032_43cb67c3_0003567e
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006032_43cf9f07_0001e848
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006032_43d4c651_000f0537
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005878_43dbad28_00090f56
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000422d_43c27953_00098968
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000368e_43df7379_0001e848
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001316_43d4cf57_00066ff3
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005f49_43d8e83b_000b71b0
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005db2_43cb7707_0004c4b4
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005af1_43c7cd84_0008583b
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005878_43da853e_00057bcf
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001547_43c6d335_0006acfc
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43d7b33c_0007270e
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006952_43ceb25d_0008583b
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006df1_43d520dc_000a037a
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000701f_43bd9f3f_000a037a
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00007e87_43d136c0_0007de29
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000366b_43bda611_0001e848
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000039b3_43da34ed_00053ec6
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004509_43da84ab_000e4e1c
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004db7_43c6149a_000a037a
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00002c49_43df7f9b_000487ab
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000012e1_43d4c69f_0007270e
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000390c_43cce3ba_000a037a
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00002cd6_43b916ba_000501bd
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:03 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000026e9_43e31f10_00066ff3
02/04/06 11:30:03 [Note]: 7002 0
02/04/06 11:30:03 [Note]: 7003 1
02/04/06 11:30:03 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000120_43da8520_000a7d8c
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000026ca_43e0b114_00003d09
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000012db_43e3b20a_000a037a
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000026e9_43d383d9_000501bd
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000390c_43bd9bbc_000632ea
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00002d12_43cbf6f7_00007a12
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004db7_43c7ce0b_0004c4b4
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00007049_43de3804_000a037a
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000bb3_43c7d250_00057bcf
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006443_43c24f38_000e4e1c
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00006032_43da59a7_000b34a7
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000066c4_43cf9ef2_000a7d8c
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\000072ae_43d2700d_000632ea
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000677_43c27b64_0007270e
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000f3e_43e1f452_0001ab3f
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00001238_43d8d134_000e8b25
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000187e_43c12954_0000f424
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00000035_43c288d4_00076417
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00005f90_43d135a4_00090f56
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43d887d0_000d9701
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43d8f70c_00089544
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43da6146_000e1113
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43dcffb1_0008583b
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43ddd00f_000a4083
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43e0700d_0004c4b4
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43e1c337_0001312d
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43e1e8ce_0001e848
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43e3108f_00016e36
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43e322d3_00031975
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43e3b185_000e4e1c
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43e3bbc3_000f0537
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00004823_43e48aef_000d9701
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000486a_43c289df_000d9701
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000486a_43d4cc78_0007de29
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\0000486a_43dfcd55_000bebc2
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04 [Info]: Hidden file: C:\Program Files\Insassic\Cache\00002cd6_43d0ab5c_0008d24d
02/04/06 11:30:04 [Note]: 7002 0
02/04/06 11:30:04 [Note]: 7003 1
02/04/06 11:30:04 [Note]: 10002 3
02/04/06 11:30:04

#10 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:50 PM

Posted 04 February 2006 - 07:04 AM

See below.

Edited by Daemon, 04 February 2006 - 07:19 AM.

Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#11 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:50 PM

Posted 04 February 2006 - 07:19 AM

You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

Please download AproposFix from here:
http://swandog46.geekstogo.com/aproposfix.exe

Save it to your desktop but do NOT run it yet.

Then please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.


Once in Safe Mode, please double-click aproposfix.exe and unzip it to the desktop. Open the aproposfix folder on your desktop and run RunThis.bat. Follow the prompts.

When the tool is finished, please reboot back into normal mode, and post a new HijackThis log, along with the entire contents of the log.txt file in the aproposfix folder.
Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#12 daviebowie007

daviebowie007
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 04 February 2006 - 02:21 PM

Hi again, here is my new Hijack This log along with the apropos log.txt file:

Logfile of HijackThis v1.99.1
Scan saved at 19:18:59, on 04/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL$ACT7\Binn\sqlservr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Davie\Desktop\Office & Admin Utilities\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.btbroadbandstart.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.btbroadbandstart.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.btbroadbandstart.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.btbroadbandstart.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dixons.co.uk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.dixons.co.uk/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe/accounttracking.cab
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/...tail/DASAct.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?326
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O16 - DPF: {FE92AB74-9968-49C4-A8EF-244A294C2E28} (CheckActiveX.Class1) - https://projects.buildonline.com/activeX/CheckActiveX.CAB
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


Log of AproposFix v1.1

************

Running from directory:
C:\Documents and Settings\Davie\Desktop\aproposfix

************



Registry entries found:

[HKEY_LOCAL_MACHINE\Software\CvPi8AGoMU3D]
@="9F3C:xzHIIHIIJI13:8 jnHIIHXKIrdiYjrnI9F9Az3ONIy8:Cz89I 264Av38J9F9"
"Device"="\\\\.\\kmirfOS"
"DriverPath"="C:\\WINDOWS\\system32\\drivers\\flpntamr.sys"
"DriverName"="symvice"
"HideUninstallerName"="C:\\Program Files\\Insassic\\mpnwsock.exe"
"HDll"="C:\\WINDOWS\\system32\\xenkbdfr.dll"
"ServerAddress"="adchannel.contextplus.net"
"LegalNote"="http://adchannel.contextplus.net/legal-note/nonbranded.html"
"PartnerId"="CP.LAV"
"InstallationId"="{X69861cb-2cbe-4545-1148-ec3b88375733}"
"PageFiltering"=dword:00000001
"CrMnTmt"=dword:0036ee80
"ClientName"="C:\\Program Files\\Insassic\\sorwrite.exe"
"AutoUpdater"="C:\\WINDOWS\\system32\\spdvicap.exe"
"Version"="2.0.131"

************

Removing hidden service:
Service symvice removed.

Removing hidden folder:
Deletion of folder Insassic succeeded!

Deleting files:

Deletion of file C:\WINDOWS\system32\drivers\flpntamr.sys succeeded!
Deletion of file C:\WINDOWS\system32\spdvicap.exe succeeded!
Deletion of file C:\WINDOWS\system32\xenkbdfr.dll succeeded!

Backing up files:
Done!

Removing registry entries:

REGEDIT4

[-HKEY_CURRENT_USER\Software\CvPi8AGoMU3D]
[-HKEY_LOCAL_MACHINE\Software\CvPi8AGoMU3D]

Done!

Finished!


Many thanks.

Daviebowie007

#13 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:50 PM

Posted 04 February 2006 - 02:26 PM

Looks better - how is it now?
Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#14 daviebowie007

daviebowie007
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 05 February 2006 - 06:39 AM

Pop-ups appear to have stopped. Thank you very very much for your help. Can you recommend any good software that'll prevent this type of nuisance from happening again?

Daviebowie007.

#15 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:50 PM

Posted 05 February 2006 - 09:51 AM

You're welcome - glad to help :D

To help keep you clean follow the recommendations in Tony's article here:

So how did I get infected in the first place?



As this problem has been resolved the topic will be closed. If you need this topic reopened, please email the moderating team - be sure to include the address of the thread and the name you posted under.
Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users