computer slow no matter what i do [Archive]

View Full Version : computer slow no matter what i do

billthompson

14 Jan 2007, 6:11pm

Hi,

Thank you for being here, having a bit of a hard time. My computer started acting very slow about a week ago. Very slow start up, wouldn't play any avi's or dvds without hanging, screens would lag...generally felt like I went from 1 gig of ram to 128 megs etc.

I ran my avg virus scan (took 12 hours!), spybot, and adaware and found nothing. Ran an online virus scan (also took ages), and nothing. I posted my hijackthis log on another forum and was told it was clean. So I assumed it WAS a ram problem and took it in.

They did a full sweep and found no hardware issues and the most they could do was disable a couple of startup programs and adjust my virtual memory (page file size.)

Still acting slow tho. So booted up in Safe mode and ran som virus scans with trendmicro...this turned up a couple of dialers (and an alexa thing) which I deleted...but it's still slow. I'm at my whits end.

I've been running microsofts LIve One care today, about 1/2 through the first test 6 hours in (I'm on broadband) so SOMETHING is going on. The disc says it doesn't need defraging either and this is so severe, it'd have to be more then that. I did run skndsk too but nothing came up.

Anyway, posting my hijack this log. Any ideas very very much appreciated!

Bill

Logfile of HijackThis v1.99.1
Scan saved at 12:16:11 PM, on 1/14/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\M-Audio\Ozone\Install\ozinst.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe
C:\Program Files\M-Audio Uno\UnoInst.exe
C:\WINDOWS\System32\TPWRTRAY.EXE
C:\WINDOWS\System32\TDispVol.exe
C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\cPad\AlarmWatcher.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\00THotkey.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Documents and Settings\mememe\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.yahoo.com/?.intl=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshiba.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [TMESBS.EXE] C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE /Client
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [cPadAlarm] C:\Program Files\Synaptics\SynTP\cPad\AlarmWatcher.exe
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - Global Startup: M-Audio Ozone Control Panel Launcher.lnk = C:\Program Files\M-Audio Ozone\OZTask.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://site.ebrary.com/support/plugins/ebraryRdr.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - http://support.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ERHCRDI - Sysinternals - www.sysinternals.com - C:\DOCUME~1\mememe\LOCALS~1\Temp\ERHCRDI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MJEXPBJ - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\MJEXPBJ.exe (file missing)
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: M-Audio Ozone Installer (OzoneInstallerService) - Nemesis - C:\Program Files\M-Audio\Ozone\Install\ozinst.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: QYRENOHHFY - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\QYRENOHHFY.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Tmesbs32 (Tmesbs) - Unknown owner - C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe" /Service (file missing)
O23 - Service: M-Audio Uno Installer (UnoInstallerService) - Unknown owner - C:\Program Files\M-Audio Uno\UnoInst.exe
O23 - Service: YXVMN - Sysinternals - www.sysinternals.com - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\YXVMN.exe

billthompson

17 Jan 2007, 5:04pm

billthompson

17 Jan 2007, 5:05pm

Hi...I've still been working on it but no luck...still runs ragged...can anyone help? I've pasted today's hjt log below. Thanks!

Bill

Logfile of HijackThis v1.99.1
Scan saved at 5:10:52 PM, on 1/17/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe
C:\WINDOWS\System32\TPWRTRAY.EXE
C:\WINDOWS\System32\TDispVol.exe
C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\cPad\AlarmWatcher.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\00THotkey.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\mmc.exe
C:\Documents and Settings\mememe\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.yahoo.com/?.intl=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshiba.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [TMESBS.EXE] C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE /Client
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [cPadAlarm] C:\Program Files\Synaptics\SynTP\cPad\AlarmWatcher.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://site.ebrary.com/support/plugins/ebraryRdr.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - http://support.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Tmesbs32 (Tmesbs) - Unknown owner - C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe" /Service (file missing)
O23 - Service: YXVMN - Sysinternals - www.sysinternals.com - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\YXVMN.exe

RyderOCZ

17 Jan 2007, 5:42pm

Hi Bill,

Can you go to www.cpuid.org/cpuz.php and download the latest CPU-z.

Then post a screenshot of the CPU, Mainboard, and Memory tab (you can open it multiple times and have each tab open so you only have to take 1 screenshot).

Thanks

billthompson

17 Jan 2007, 10:00pm

Hi Ryder,

thanks for your help...I couldn't get them to all open or to post them due to size so i put them on my server here: (I can't submit links yet either so just add the w's...thanks

billthompson(dot)org/prof_lofi/

thanks for your help! i can't figure out what's going on with it...

Bill

RyderOCZ

17 Jan 2007, 10:42pm

Ok...Speeds/memory all look normal.

I am not as good at HJT logs as some others here at S-M, but this doesn't look good:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
Your Proxy should not be set to the loopback addresss (127.0.0.1)
Also check the hosts file (should be located in \Windows\system32\drivers\etc\ folder.. the only entry in it should be 127.0.0.1 Localhost)

O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe

Any idea what those 2 entries are?

Trogan

17 Jan 2007, 11:25pm

Hi Ryder! Those entries are part of his Toshiba laptop.

Bill, there is nothing sticking out in your log. Could I get you to do the following please.

1. Download ATF (Atribune Temp File) Cleaner� by Atribune (http://www.atribune.org/ccount/click.php?id=1) to your desktop.
This program is for XP and Windows 2000 only!

Double-click ATF Cleaner.exe to open it.

Under Main select the following:

Windows Temp
Current User Temp
All Users Temp
Temporary Internet Files
Prefetch
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.

Click Exit on the Main menu to close the program.

2. Please do an online scan with Kaspersky WebScanner (http://www.kaspersky.com/virusscanner)

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
The program will launch and then begin downloading the latest definition files:
Once the files have been downloaded click on NEXT

Now click on Scan Settings
In the scan settings make that the following are selected:
Scan using the following Anti-Virus database:
Extended (if available otherwise Standard)

Scan Options:
Scan Archives
Scan Mail Bases

Click OK
Now under select a target to scan:Select My Computer

This will program will start and scan your system.
The scan will take a while so be patient and let it run.
Once the scan is complete it will display if your system has been infected.
Now click on the Save as Text button:
Save the file to your desktop. 3. I would like to see another log from HijackThis.
Run Hijackthis.
Click on Open the Misc Tools section.
Check the two white boxes next to Generate StartupList log
Now, click on Generate StartupList log
Press YES at the confirmation box
Copy and paste the entire contents of Notepad here 4. Please post the Kaspersky log and the StartupList log.

billthompson

18 Jan 2007, 1:30am

ok...thanks alot...need to go to bed but will do this first thing when I get home around noon tomorrow...thanks guys for all your help.

Bill

billthompson

18 Jan 2007, 8:03am

Hi Trogan,

Ok, I hope I did this right. Here's the two reports you've asked for. Let me know if I did them correctly. Thanks again:

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, January 18, 2007 8:03:29 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 18/01/2007
Kaspersky Anti-Virus database records: 244706
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\

Scan Statistics:
Total number of scanned objects: 123288
Number of viruses found: 0
Number of infected objects: 0 / 0
Number of suspicious objects: 0
Duration of the scan process: 04:53:30

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Avg7\Log\emc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\mememe\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\mememe\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\mememe\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\mememe\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\mememe\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\mememe\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\mememe\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{C7CD821B-CF90-41E4-913A-E25BDBD3B0DB}\RP470\change.log Object is locked skipped
C:\WINDOWS\$NtUninstallQ307274$\shgina.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ307274$\spuninst\spuninst.exe Object is locked skipped
C:\WINDOWS\$NtUninstallQ307274$\spuninst\spuninst.inf Object is locked skipped
C:\WINDOWS\$NtUninstallQ308131$\migrate.js Object is locked skipped
C:\WINDOWS\$NtUninstallQ308131$\spuninst\spuninst.exe Object is locked skipped
C:\WINDOWS\$NtUninstallQ308131$\spuninst\spuninst.inf Object is locked skipped
C:\WINDOWS\$NtUninstallQ308402$\spuninst\spuninst.exe Object is locked skipped
C:\WINDOWS\$NtUninstallQ308402$\spuninst\spuninst.inf Object is locked skipped
C:\WINDOWS\$NtUninstallQ308402$\srrstr.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ308677$\spuninst\spuninst.exe Object is locked skipped
C:\WINDOWS\$NtUninstallQ308677$\spuninst\spuninst.inf Object is locked skipped
C:\WINDOWS\$NtUninstallQ308677$\userenv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ309521$\dxmasf.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ309521$\lsasrv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ309521$\msdxm.ocx Object is locked skipped
C:\WINDOWS\$NtUninstallQ309521$\sfcfiles.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ309521$\spuninst\spuninst.exe Object is locked skipped
C:\WINDOWS\$NtUninstallQ309521$\spuninst\spuninst.inf Object is locked skipped
C:\WINDOWS\$NtUninstallQ310601$\mstask.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ310601$\mstinit.exe Object is locked skipped
C:\WINDOWS\$NtUninstallQ310601$\schedsvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ310601$\spuninst\spuninst.exe Object is locked skipped
C:\WINDOWS\$NtUninstallQ310601$\spuninst\spuninst.inf Object is locked skipped
C:\WINDOWS\$NtUninstallQ310601$\srsvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ311345$\msobmain.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ311345$\spuninst\spuninst.exe Object is locked skipped
C:\WINDOWS\$NtUninstallQ311345$\spuninst\spuninst.inf Object is locked skipped
C:\WINDOWS\$NtUninstallQ311455$\shell32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ311455$\spuninst\spuninst.exe Object is locked skipped
C:\WINDOWS\$NtUninstallQ311455$\spuninst\spuninst.inf Object is locked skipped
C:\WINDOWS\$NtUninstallQ311785$\spuninst\spuninst.exe Object is locked skipped
C:\WINDOWS\$NtUninstallQ311785$\spuninst\spuninst.inf Object is locked skipped
C:\WINDOWS\$NtUninstallQ311785$\w32time.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ311889$\spuninst\spuninst.exe Object is locked skipped
C:\WINDOWS\$NtUninstallQ311889$\spuninst\spuninst.inf Object is locked skipped
C:\WINDOWS\$NtUninstallQ311889$\termsrv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ312368$\spuninst\spuninst.exe Object is locked skipped
C:\WINDOWS\$NtUninstallQ312368$\spuninst\spuninst.inf Object is locked skipped
C:\WINDOWS\$NtUninstallQ312368$\syssetup.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ312370$\spuninst\spuninst.exe Object is locked skipped
C:\WINDOWS\$NtUninstallQ312370$\spuninst\spuninst.inf Object is locked skipped
C:\WINDOWS\$NtUninstallQ312370$\usbhub.sys Object is locked skipped
C:\WINDOWS\$NtUninstallQ312370$\usbport.sys Object is locked skipped
C:\WINDOWS\$NtUninstallQ314412$\msgina.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ314412$\spuninst\spuninst.exe Object is locked skipped
C:\WINDOWS\$NtUninstallQ314412$\spuninst\spuninst.inf Object is locked skipped
C:\WINDOWS\$NtUninstallQ314862$\qmgr.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ314862$\spuninst\spuninst.exe Object is locked skipped
C:\WINDOWS\$NtUninstallQ314862$\spuninst\spuninst.inf Object is locked skipped
C:\WINDOWS\$NtUninstallQ315000$\netsetup.exe Object is locked skipped
C:\WINDOWS\$NtUninstallQ315000$\spuninst\spuninst.exe Object is locked skipped
C:\WINDOWS\$NtUninstallQ315000$\spuninst\spuninst.inf Object is locked skipped
C:\WINDOWS\$NtUninstallQ315000$\ssdpapi.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ315000$\ssdpsrv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ315000$\upnp.dll Object is locked skipped
C:\WINDOWS\Debug\oakley.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped

Scan process completed.

StartupList report, 1/18/2007, 8:07:49 AM
StartupList version: 1.52.2
Started from : C:\Documents and Settings\mememe\Desktop\HijackThis.EXE
Detected: Windows XP SP1 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe
C:\WINDOWS\System32\TPWRTRAY.EXE
C:\WINDOWS\System32\TDispVol.exe
C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\cPad\AlarmWatcher.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\00THotkey.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\mememe\Desktop\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Documents and Settings\mememe\Start Menu\Programs\Startup]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
*No files*

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Tpwrtray = TPWRTRAY.EXE
TDispVol = TDispVol.exe
TMESBS.EXE = C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE /Client
SynTPLpr = C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Pinger = c:\toshiba\ivp\ism\pinger.exe /run
cPadAlarm = C:\Program Files\Synaptics\SynTP\cPad\AlarmWatcher.exe
AVG7_CC = C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
00THotkey = C:\WINDOWS\System32\00THotkey.exe
000StTHK = 000StTHK.exe
nwiz = nwiz.exe /installquiet

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
*No values found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\WINDOWS\System32\mshta.exe "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{306D6C21-C1B6-4629-986C-E59E1875B8AF}]
StubPath = "C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\Messenger\msgsc.dll",ShowIconsUser

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.Install.PerUser

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = %SystemRoot%\system32\ie4uinit.exe

[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install

[{8b15971b-5355-4c82-8c07-7e181ea07608}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename OK: 'REGEDIT.EXE'
- File description: 'Registry Editor'

Registry check passed

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Registration reminder 1.job
Registration reminder 2.job
Registration reminder 3.job

--------------------------------------------------

Enumerating Download Program Files:

[Microsoft XML Parser for Java]
CODEBASE = file://C:\WINDOWS\Java\classes\xmldso.cab
OSD = C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd

[Infotl Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\EBRARY~1.OCX
CODEBASE = http://site.ebrary.com/support/plugins/ebraryRdr.cab

[HouseCall Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\xscan60.ocx
CODEBASE = http://housecall60.trendmicro.com/housecall/xscan60.cab

[CKAVWebScan Object]
InProcServer32 = C:\WINDOWS\System32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
CODEBASE = http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab

[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\System32\LegitCheckControl.DLL
CODEBASE = http://go.microsoft.com/fwlink/?linkid=39204

[Trend Micro ActiveX Scan Agent 6.6]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\Housecall_ActiveX.dll
CODEBASE = http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab

[Symantec AntiVirus scanner]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\avsniff.dll
CODEBASE = http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

[{3334504D-0000-0010-8000-00AA00389B71}]
CODEBASE = http://codecs.microsoft.com/codecs/i386/mpeg4ax.cab

[Windows Live Safety Center Base Module]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\wlscBase.dll
CODEBASE = http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab

[Symantec RuFSI Utility Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\rufsi.dll
CODEBASE = http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

[Java Plug-in]
InProcServer32 = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

[ActiveScan Installer Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll
CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab

[Java Plug-in]
InProcServer32 = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab

[Java Plug-in]
InProcServer32 = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

[Java Plug-in 1.5.0_06]
InProcServer32 = C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx
CODEBASE = http://download.macromedia.com/get/flashplayer/current/swflash.cab

[Seagate SeaTools English Online]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\npSeaTools_EN.dll
CODEBASE = http://support.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\mswsock.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\rsvpsp.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
Protocol #14: C:\WINDOWS\system32\mswsock.dll
Protocol #15: C:\WINDOWS\system32\mswsock.dll
Protocol #16: C:\WINDOWS\system32\mswsock.dll
Protocol #17: C:\WINDOWS\system32\mswsock.dll
Protocol #18: C:\WINDOWS\system32\mswsock.dll
Protocol #19: C:\WINDOWS\system32\mswsock.dll
Protocol #20: C:\WINDOWS\system32\mswsock.dll
Protocol #21: C:\WINDOWS\system32\mswsock.dll
Protocol #22: C:\WINDOWS\system32\mswsock.dll
Protocol #23: C:\WINDOWS\system32\mswsock.dll
Protocol #24: C:\WINDOWS\system32\mswsock.dll
Protocol #25: C:\WINDOWS\system32\mswsock.dll
Protocol #26: C:\WINDOWS\system32\mswsock.dll

--------------------------------------------------

Enumerating Windows NT/2000/XP services

61883 Unit Device: System32\DRIVERS\61883.sys (manual start)
Intel(r) 82801 Audio Driver Install Service (WDM): system32\drivers\ac97intc.sys (manual start)
Microsoft ACPI Driver: System32\DRIVERS\ACPI.sys (system)
Adobe LM Service: "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe" (disabled)
AdobeVersionCue: C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe (disabled)
Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start)
AFD Networking Support Environment: \SystemRoot\System32\drivers\afd.sys (autostart)
TOSHIBA V92 Software Modem: System32\DRIVERS\AGRSM.sys (manual start)
Intel AGP Bus Filter: System32\DRIVERS\agp440.sys (system)
Alerter: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
Application Layer Gateway Service: %SystemRoot%\System32\alg.exe (manual start)
Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
1394 ARP Client Protocol: System32\DRIVERS\arp1394.sys (manual start)
ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (manual start)
RAS Asynchronous Media Driver: System32\DRIVERS\asyncmac.sys (manual start)
Standard IDE/ESDI Hard Disk Controller: System32\DRIVERS\atapi.sys (system)
ATM ARP Client Protocol: System32\DRIVERS\atmarpc.sys (manual start)
Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Audio Stub Driver: System32\DRIVERS\audstub.sys (manual start)
AVC Device: System32\DRIVERS\avc.sys (manual start)
AVG Anti-Spyware Driver: \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys (system)
AVG Anti-Spyware Guard: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (autostart)
AVG7 Alert Manager Server: C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe (autostart)
AVG7 Kernel: \SystemRoot\System32\Drivers\avg7core.sys (system)
AVG7 Wrap Driver: \SystemRoot\System32\Drivers\avg7rsw.sys (system)
AVG7 Resident Driver XP: \SystemRoot\System32\Drivers\avg7rsxp.sys (system)
AVG7 Update Service: C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe (autostart)
AVG Anti-Spyware Clean Driver: System32\DRIVERS\AvgAsCln.sys (system)
AVG7 Clean Driver: \SystemRoot\System32\Drivers\avgclean.sys (system)
AVG E-mail Scanner: C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe (autostart)
AVG Network Redirector: \SystemRoot\System32\Drivers\avgtdi.sys (autostart)
Background Intelligent Transfer Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
MAC Bridge: System32\DRIVERS\bridge.sys (manual start)
MAC Bridge Miniport: System32\DRIVERS\bridge.sys (manual start)
Computer Browser: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
4.1M MPEG4 DV Video Capture: System32\Drivers\Ca536av.sys (autostart)
Closed Caption Decoder: System32\DRIVERS\CCDECODE.sys (manual start)
CD-ROM Driver: System32\DRIVERS\cdrom.sys (system)
Indexing Service: C:\WINDOWS\System32\cisvc.exe (manual start)
ClipBook: %SystemRoot%\system32\clipsrv.exe (manual start)
Microsoft AC Adapter Driver: System32\DRIVERS\CmBatt.sys (manual start)
Microsoft Composite Battery Driver: System32\DRIVERS\compbatt.sys (system)
COM+ System Application: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
CO_Mon: \??\C:\WINDOWS\System32\Drivers\CO_Mon.sys (manual start)
Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
DHCP Client: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Disk Driver: System32\DRIVERS\disk.sys (system)
Logical Disk Manager Administrative Service: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
dmio: System32\drivers\dmio.sys (disabled)
dmload: System32\drivers\dmload.sys (disabled)
Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start)
DNS Client: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
Intel(R) PRO Adapter Driver: System32\DRIVERS\e100b325.sys (manual start)
Echo Indigo io Service: system32\drivers\echondgo.sys (manual start)
ERHCRDI: C:\DOCUME~1\mememe\LOCALS~1\Temp\ERHCRDI.exe (disabled)
Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Event Log: %SystemRoot%\system32\services.exe (autostart)
COM+ Event System: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start)
Fast User Switching Compatibility: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Fax: %systemroot%\system32\fxssvc.exe (autostart)
FinePix Digital Camera 020523: System32\Drivers\V4CB0115.SYS (manual start)
F-Secure BlackLight Beta Engine Driver: \??\C:\DOCUME~1\mememe\LOCALS~1\Temp\F-Secure\BlackLight\fsbldrv.sys (manual start)
Volume Manager Driver: System32\DRIVERS\ftdisk.sys (system)
GEARAspiWDM: System32\Drivers\GEARAspiWDM.sys (manual start)
Generic Packet Classifier: System32\DRIVERS\msgpc.sys (manual start)
Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Human Interface Device Access: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Microsoft HID Class Driver: System32\DRIVERS\hidusb.sys (manual start)
i8042 Keyboard and PS/2 Mouse Port Driver: System32\DRIVERS\i8042prt.sys (system)
InstallDriver Table Manager: C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (manual start)
CD-Burning Filter Driver: System32\DRIVERS\imapi.sys (system)
IMAPI CD-Burning COM Service: C:\WINDOWS\System32\imapi.exe (manual start)
IntelIde: System32\DRIVERS\intelide.sys (system)
IP Traffic Filter Driver: System32\DRIVERS\ipfltdrv.sys (manual start)
IP in IP Tunnel Driver: System32\DRIVERS\ipinip.sys (manual start)
IP Network Address Translator: System32\DRIVERS\ipnat.sys (manual start)
iPodService: C:\Program Files\iPod\bin\iPodService.exe (manual start)
IPSEC driver: System32\DRIVERS\ipsec.sys (system)
IrDA Protocol: System32\DRIVERS\irda.sys (autostart)
IR Enumerator Service: System32\DRIVERS\irenum.sys (manual start)
Infrared Monitor: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Microsoft Serial Infrared Driver: System32\DRIVERS\irsir.sys (manual start)
PnP ISA/EISA Bus Driver: System32\DRIVERS\isapnp.sys (system)
Keyboard Class Driver: System32\DRIVERS\kbdclass.sys (system)
Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
Server: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Workstation: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
TCP/IP NetBIOS Helper: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
M-Audio Ozone: system32\drivers\MA763008.sys (manual start)
Macromedia Licensing Service: "C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe" (manual start)
MADFU008: SYSTEM32\DRIVERS\MADFU008.sys (manual start)
Messenger: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
MJEXPBJ: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\MJEXPBJ.exe (disabled)
NetMeeting Remote Desktop Sharing: C:\WINDOWS\System32\mnmsrvc.exe (manual start)
Mouse Class Driver: System32\DRIVERS\mouclass.sys (system)
Mouse HID Driver: System32\DRIVERS\mouhid.sys (manual start)
WebDav Client Redirector: System32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: System32\DRIVERS\mrxsmb.sys (system)
MSCSPTISRV: C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (disabled)
Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start)
Microsoft DV Camera and VCR: System32\DRIVERS\msdv.sys (manual start)
Windows Installer: C:\WINDOWS\System32\MsiExec.exe /V (manual start)
Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
MSSQL$SONY_MEDIAMGR: C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -sSONY_MEDIAMGR (manual start)
MSSQLServerADHelper: C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (manual start)
Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start)
NABTS/FEC VBI Codec: System32\DRIVERS\NABTSFEC.sys (manual start)
Microsoft TV/Video Connection: System32\DRIVERS\NdisIP.sys (manual start)
Remote Access NDIS TAPI Driver: System32\DRIVERS\ndistapi.sys (manual start)
NDIS Usermode I/O Protocol: System32\DRIVERS\ndisuio.sys (manual start)
Remote Access NDIS WAN Driver: System32\DRIVERS\ndiswan.sys (manual start)
NetBIOS Interface: System32\DRIVERS\netbios.sys (system)
NetBT: System32\DRIVERS\netbt.sys (system)
Network DDE: %SystemRoot%\system32\netdde.exe (manual start)
Network DDE DSDM: %SystemRoot%\system32\netdde.exe (manual start)
Net Logon: %SystemRoot%\System32\lsass.exe (manual start)
Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
MD Simple Burner Service: C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe (disabled)
Net MD: System32\Drivers\NETMD052.sys (manual start)
1394 Net Driver: System32\DRIVERS\nic1394.sys (manual start)
Network Location Awareness (NLA): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
NT LM Security Support Provider: %SystemRoot%\System32\lsass.exe (manual start)
Removable Storage: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
nv: System32\DRIVERS\nv4_mini.sys (manual start)
NVIDIA Driver Helper Service: %SystemRoot%\System32\nvsvc32.exe (autostart)
IPX Traffic Filter Driver: System32\DRIVERS\nwlnkflt.sys (manual start)
IPX Traffic Forwarder Driver: System32\DRIVERS\nwlnkfwd.sys (manual start)
Texas Instruments OHCI Compliant IEEE 1394 Host Controller: System32\DRIVERS\ohci1394.sys (system)
M-Audio Ozone Installer: C:\Program Files\M-Audio\Ozone\Install\ozinst.exe (disabled)
PACSPTISVR: C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (disabled)
PalmUSBD: system32\drivers\PalmUSBD.sys (manual start)
PCI Bus Driver: System32\DRIVERS\pci.sys (system)
pciSd: System32\DRIVERS\tossdpci.sys (manual start)
Pcmcia: System32\DRIVERS\pcmcia.sys (system)
Plug and Play: %SystemRoot%\system32\services.exe (autostart)
IPSEC Services: %SystemRoot%\System32\lsass.exe (autostart)
WAN Miniport (PPTP): System32\DRIVERS\raspptp.sys (manual start)
Processor Driver: System32\DRIVERS\processr.sys (system)
Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
QoS Packet Scheduler: System32\DRIVERS\psched.sys (manual start)
Pscmpb: C:\WINDOWS\System32\drivers\mspclock.sys (disabled)
Direct Parallel Link Driver: System32\DRIVERS\ptilink.sys (manual start)
PxHelp20: System32\DRIVERS\PxHelp20.sys (system)
QYRENOHHFY: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\QYRENOHHFY.exe (disabled)
Remote Access Auto Connection Driver: System32\DRIVERS\rasacd.sys (system)
Remote Access Auto Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
WAN Miniport (IrDA): System32\DRIVERS\rasirda.sys (manual start)
WAN Miniport (L2TP): System32\DRIVERS\rasl2tp.sys (manual start)
Remote Access Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Remote Access PPPOE Driver: System32\DRIVERS\raspppoe.sys (manual start)
Direct Parallel: System32\DRIVERS\raspti.sys (manual start)
Rdbss: System32\DRIVERS\rdbss.sys (system)
EDIROL PCR: System32\Drivers\rdwm1027.sys (manual start)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Remote Desktop Help Session Manager: C:\WINDOWS\system32\sessmgr.exe (manual start)
Digital CD Audio Playback Filter Driver: System32\DRIVERS\redbook.sys (system)
Routing and Remote Access: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Remote Procedure Call (RPC) Locator: %SystemRoot%\System32\locator.exe (manual start)
Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start)
Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
SBP-2 Transport/Protocol Bus Driver: System32\DRIVERS\sbp2port.sys (system)
Smart Card Helper: %SystemRoot%\System32\SCardSvr.exe (manual start)
Smart Card: %SystemRoot%\System32\SCardSvr.exe (manual start)
Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Secdrv: System32\DRIVERS\secdrv.sys (manual start)
Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
High-Capacity Floppy Disk Drive: System32\DRIVERS\sfloppy.sys (manual start)
Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
BDA Slip De-Framer: System32\DRIVERS\SLIP.sys (manual start)
SMC IrCC Miniport Device Driver: System32\DRIVERS\smcirda.sys (manual start)
Acronis Snapshots Manager: System32\DRIVERS\snapman.sys (system)
Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start)
Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
Sony SPTI Service: C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (disabled)
SQLAgent$SONY_MEDIAMGR: C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -i SONY_MEDIAMGR (manual start)
System Restore Filter Driver: System32\DRIVERS\sr.sys (system)
System Restore Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Srv: System32\DRIVERS\srv.sys (manual start)
SSDP Discovery Service: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
SonicStage SCSI Service: C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (disabled)
Still Serial Digital Camera Driver: System32\DRIVERS\serscan.sys (manual start)
Windows Image Acquisition (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart)
BDA IPSink: System32\DRIVERS\StreamIP.sys (manual start)
Software Bus Driver: System32\DRIVERS\swenum.sys (manual start)
Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{A9C38690-5A49-4552-857E-84D48D5ED72E} (manual start)
Synaptics TouchPad Driver: System32\DRIVERS\SynTP.sys (manual start)
Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start)
Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (manual start)
Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
TCP/IP Protocol Driver: System32\DRIVERS\tcpip.sys (system)
Terminal Device Driver: System32\DRIVERS\termdd.sys (system)
Terminal Services: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Acronis TrueImage FS Filter: System32\DRIVERS\tifsfilt.sys (autostart)
Acronis TrueImage Backup Archive Explorer: System32\DRIVERS\timntr.sys (system)
tmcomm: \??\C:\WINDOWS\System32\drivers\tmcomm.sys (autostart)
Tmesbs32: "C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe" /Service (autostart)
Toshiba BT-LANE: System32\DRIVERS\TOSRFLAN.sys (manual start)
Bluetooth Port Driver from Toshiba: System32\DRIVERS\tosporte.sys (manual start)
Bluetooth RFBUS from Toshiba: System32\Drivers\tosrfbd.sys (manual start)
Bluetooth RFCOMM from Toshiba: System32\Drivers\tosrfcom.sys (manual start)
Bluetooth ACPI from TOSHIBA: System32\DRIVERS\tosrfec.sys (manual start)
Bluetooth RFHID from Toshiba: System32\DRIVERS\Tosrfhid.sys (manual start)
Bluetooth USB Controller: System32\Drivers\tosrfusb.sys (manual start)
Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
TOSHIBA SD Card Host Controller Driver: System32\DRIVERS\tsdhd.sys (manual start)
Toshiba ACPI-Based Value Added Logical Device Driver: System32\DRIVERS\TVALD.SYS (system)
Toshiba ACPI-Based Value Added Logical Device Extension Driver: System32\DRIVERS\TVALDX.SYS (system)
Toshiba Value Added Logical and General Purpose Device Driver: System32\DRIVERS\TVALG.SYS (system)
Windows User Mode Driver Framework: C:\WINDOWS\System32\wdfmgr.exe (autostart)
M-Audio Uno Installer: C:\Program Files\M-Audio Uno\UnoInst.exe (disabled)
Microcode Update Driver: System32\DRIVERS\update.sys (manual start)
Upload Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Universal Plug and Play Device Host: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)
M-Audio USB Uno Loader: system32\drivers\usb11ldr.sys (manual start)
USB Audio Driver (WDM): system32\drivers\usbaudio.sys (manual start)
4.1M MPEG4 DV Bulk Driver: System32\Drivers\Bulk536.sys (manual start)
Microsoft USB Generic Parent Driver: System32\DRIVERS\usbccgp.sys (manual start)
Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: System32\DRIVERS\usbehci.sys (manual start)
USB Root Hub (usbport): System32\DRIVERS\usbhub.sys (manual start)
M-Audio USB Uno MIDI Driver: system32\drivers\usbmn1x1.sys (manual start)
M-Audio Ozone Midi: system32\drivers\usbnz1x1.sys (manual start)
Microsoft USB Open Host Controller Miniport Driver: System32\DRIVERS\usbohci.sys (manual start)
Microsoft USB PRINTER Class: System32\DRIVERS\usbprint.sys (manual start)
USB Scanner Driver: System32\DRIVERS\usbscan.sys (manual start)
USB Mass Storage Driver: System32\DRIVERS\USBSTOR.SYS (manual start)
Microsoft USB Universal Host Controller Miniport Driver: System32\DRIVERS\usbuhci.sys (manual start)
VGA Display Controller.: \SystemRoot\System32\drivers\vga.sys (system)
Volume Shadow Copy: %SystemRoot%\System32\vssvc.exe (manual start)
Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Remote Access IP ARP Driver: System32\DRIVERS\wanarp.sys (manual start)
Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start)
YAMAHA AC-XG Audio Device: system32\drivers\yacxgc.sys (manual start)
WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Wireless LAN PC Card Driver: System32\DRIVERS\wlluc48.sys (manual start)
Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
WMI Performance Adapter: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start)
World Standard Teletext Codec: System32\DRIVERS\WSTCODEC.SYS (manual start)
Automatic Updates: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
YXVMN: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\YXVMN.exe (manual start)

--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: *Registry value not found*

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

End of report, 39,662 bytes
Report generated in 0.300 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

Trogan

18 Jan 2007, 8:18am

Hi Bill! Those logs are clean.

Can I get you to run this tool. It may or may not show us something different.

1. Download this file - combofix.exe (http://download.bleepingcomputer.com/sUBs/combofix.exe)
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

billthompson

18 Jan 2007, 8:51am

Hi Trogan,

Thanks again...here's the result:

"mememe" - 07-01-18 8:40:03 Service Pack 1
ComboFix 07-01-16.2 - Running from: "C:\Documents and Settings\mememe\Desktop"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\INSTALL.LOG

((((((((((((((((((((((((((((((( Files Created from 2006-12-18 to 2007-01-18 ))))))))))))))))))))))))))))))))))

2007-01-18 01:45 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-01-18 01:45 <DIR> d-------- C:\WINDOWS\LastGood
2007-01-17 04:54 520,192 --a------ C:\WINDOWS\system32\CddbPlaylist2Sony.dll
2007-01-17 01:50 27,255 --------- C:\WINDOWS\system32\drivers\NWWMUSB.sys
2007-01-17 01:49 11,510 --------- C:\WINDOWS\system32\drivers\VMCUSB.sys
2007-01-17 01:49 <DIR> d-------- C:\Program Files\Sony Corporation
2007-01-17 01:47 36,679 --------- C:\WINDOWS\system32\drivers\NETMD052.sys
2007-01-14 12:04 <DIR> d-------- C:\Program Files\Windows Live Safety Center
2007-01-14 01:37 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Application Data\Lavasoft
2007-01-14 00:06 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Application Data\AVG7
2007-01-13 22:13 <DIR> d-------- C:\Program Files\Trend Micro
2007-01-13 21:34 <DIR> d-------- C:\divx
2007-01-12 09:52 79,360 --a------ C:\WINDOWS\system32\swxcacls.exe
2007-01-12 09:52 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-01-12 09:52 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-01-12 09:52 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2007-01-12 09:52 4,002 --a------ C:\WINDOWS\system32\tmp.reg
2007-01-12 09:52 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-01-12 09:52 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2007-01-12 09:41 <DIR> d-------- C:\spyware tools
2007-01-12 09:41 <DIR> d-------- C:\Program Files\SpywareBlaster
2007-01-10 11:12 <DIR> d-------- C:\SDFix
2007-01-08 00:22 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-01-07 20:39 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-01-05 19:24 <DIR> d-------- C:\Program Files\Microsoft Bootvis
2007-01-05 19:01 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2007-01-05 18:58 <DIR> d-------- C:\Program Files\Seagate
2007-01-02 14:51 <DIR> d-------- C:\Program Files\virtualdub
2007-01-02 14:31 <DIR> d-------- C:\Program Files\plugins
2007-01-02 14:31 <DIR> d-------- C:\Program Files\aviproxy
2007-01-02 14:30 31,254 --a------ C:\WINDOWS\system32\xvid-uninstall.exe
2007-01-02 14:23 31,232 --a------ C:\WINDOWS\system\vdremote.dll
2007-01-02 14:23 25,088 --a------ C:\WINDOWS\system\vdsvrlnk.dll
2006-12-24 20:49 86,016 --a------ C:\WINDOWS\system32\OpenAL32.dll
2006-12-24 20:49 262,144 --a------ C:\WINDOWS\system32\wrap_oal.dll

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-01-18 08:32 -------- d-------- C:\Program Files\mozilla firefox
2007-01-17 17:29 -------- d-------- C:\Program Files\google
2007-01-17 17:28 -------- d-------- C:\Program Files\Common Files\adobe
2007-01-17 17:24 -------- d-------- C:\Program Files\juice
2007-01-17 17:24 -------- d-------- C:\DOCUME~1\mememe\Application Data\mailwasher
2007-01-17 04:49 -------- d-------- C:\Program Files\sony
2007-01-17 04:48 -------- d--h----- C:\Program Files\installshield installation information
2007-01-17 01:52 -------- d-------- C:\Program Files\Common Files\sony shared
2007-01-16 15:28 -------- d-------- C:\DOCUME~1\mememe\Application Data\skype
2007-01-13 21:11 -------- d-------- C:\DOCUME~1\mememe\Application Data\adobe
2007-01-13 21:01 -------- d-------- C:\Program Files\soulseek
2007-01-13 20:03 -------- d-------- C:\Program Files\yahoo!
2007-01-13 20:03 -------- d-------- C:\Program Files\coolpro2
2007-01-08 03:13 -------- d-------- C:\Program Files\quicktime
2007-01-08 02:40 -------- d-------- C:\Program Files\m-audio uno
2007-01-08 02:39 -------- d-------- C:\Program Files\ltmoh
2007-01-08 02:33 -------- d-------- C:\Program Files\izarc
2007-01-07 20:39 -------- d-------- C:\Program Files\grisoft
2007-01-03 22:43 -------- d-ah----- C:\Program Files\windowsupdate
2007-01-03 22:43 -------- d-------- C:\DOCUME~1\mememe\Application Data\pace anti-piracy
2006-12-17 15:15 -------- d-------- C:\DOCUME~1\mememe\Application Data\sonic foundry
2006-12-17 15:10 -------- d-------- C:\Program Files\sonic foundry
2006-12-17 15:06 -------- d-------- C:\Program Files\sonic foundry setup
2006-12-16 16:07 133632 --a------ C:\WINDOWS\system32\spoonuninstall.exe
2006-12-16 16:04 -------- d-------- C:\Program Files\bingo rm to mp3 wave converter
2006-12-04 23:25 -------- d-------- C:\Program Files\skype
2006-12-02 13:23 -------- d-------- C:\DOCUME~1\mememe\Application Data\opera
2006-11-27 22:30 -------- d-------- C:\DOCUME~1\mememe\Application Data\avg7
2006-11-25 21:38 -------- d-------- C:\Program Files\evolver soundeditor
2006-11-22 10:23 816672 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2006-11-22 10:23 4224 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2006-11-22 10:22 4960 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys
2006-11-22 10:22 3968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys
2006-11-22 10:22 28416 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2006-11-22 10:22 18240 --a------ C:\WINDOWS\system32\drivers\avgmfx86.sys
2006-11-20 05:15 -------- d-------- C:\DOCUME~1\mememe\Application Data\publish providers
2006-11-19 01:36 -------- d-------- C:\DOCUME~1\mememe\Application Data\divx
2006-10-30 17:09 45344 --a------ C:\DOCUME~1\mememe\Application Data\gdipfontcachev1.dat
2006-10-29 15:03 8704 --ahs---- C:\Program Files\thumbs.db
2006-10-26 21:02 4608 --a------ C:\WINDOWS\system32\w95inf32.dll
2006-10-26 21:02 2272 --a------ C:\WINDOWS\system32\w95inf16.dll
2006-10-07 15:53 453000 --a------ C:\Program Files\evolverexe330.zip

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Tpwrtray"="TPWRTRAY.EXE"
"TDispVol"="TDispVol.exe"
"TMESBS.EXE"="C:\\Program Files\\TOSHIBA\\TME3\\TMESBS32.EXE /Client"
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"Pinger"="c:\\toshiba\\ivp\\ism\\pinger.exe /run"
"cPadAlarm"="C:\\Program Files\\Synaptics\\SynTP\\cPad\\AlarmWatcher.exe"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"00THotkey"="C:\\WINDOWS\\System32\\00THotkey.exe"
"000StTHK"="000StTHK.exe"
"nwiz"="nwiz.exe /installquiet"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~3.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^M-Audio Ozone Control Panel Launcher.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\M-Audio Ozone Control Panel Launcher.lnk"
"backup"="C:\\WINDOWS\\pss\\M-Audio Ozone Control Panel Launcher.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\M-AUDI~2\\OZTask.exe "
"item"="M-Audio Ozone Control Panel Launcher"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Microsoft Office.lnk"
"backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\MICROS~3\\Office10\\OSA.EXE -b -l"
"item"="Microsoft Office"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Trend Micro Anti-Spyware.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Trend Micro Anti-Spyware.lnk"
"backup"="C:\\WINDOWS\\pss\\Trend Micro Anti-Spyware.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\TRENDM~1\\Tmas\\Tmas.exe -autostart"
"item"="Trend Micro Anti-Spyware"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^mememe^Start Menu^Programs^Startup^Adobe Gamma.lnk]
"path"="C:\\Documents and Settings\\mememe\\Start Menu\\Programs\\Startup\\Adobe Gamma.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Gamma.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
"item"="Adobe Gamma"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeVersionCue]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VersionCueTray"
"hkey"="HKLM"
"command"="C:\\Program Files\\Adobe\\Adobe Version Cue\\ControlPanel\\VersionCueTray.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Ltmoh"
"hkey"="HKLM"
"command"="C:\\Program Files\\ltmoh\\Ltmoh.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M-Audio Taskbar Icon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="M-AudioTaskBarIcon"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\System32\\M-AudioTaskBarIcon.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nwiz"
"hkey"="HKLM"
"command"="nwiz.exe /installquiet"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGSHAVE]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="REGSHAVE"
"hkey"="HKLM"
"command"="C:\\Program Files\\REGSHAVE\\REGSHAVE.EXE /AUTORUN"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDVDServ"
"hkey"="HKLM"
"command"="C:\\Program Files\\Roxio\\Roxio DVDMax Player\\PDVDServ.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DrgToDsc"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Roxio\\Easy Media Creator 7\\Drag to Disc\\DrgToDsc.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="swdoctor"
"hkey"="HKCU"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SsAAD"
"hkey"="HKCU"
"command"="C:\\PROGRA~1\\Sony\\SONICS~1\\SsAAD.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleToolbarNotifier"
"hkey"="HKCU"
"command"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TcmTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TFncKy]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TFncKy"
"hkey"="HKLM"
"command"="TFncKy.exe /Type 03"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TFNF5]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TFNF5"
"hkey"="HKLM"
"command"="TFNF5.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosHKCW.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TosHKCW"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\TOSHIBA\\Wireless Hotkey\\TosHKCW.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TouchED]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TouchED"
"hkey"="HKLM"
"command"="C:\\Program Files\\TOSHIBA\\TouchED\\TouchED.Exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AdobeVersionCue"=dword:00000003
"UnoInstallerService"=dword:00000002
"OzoneInstallerService"=dword:00000002
"NetMDSB"=dword:00000002
"SSScsiSV"=dword:00000003
"SPTISRV"=dword:00000003
"QYRENOHHFY"=dword:00000003
"PACSPTISVR"=dword:00000003
"MSCSPTISRV"=dword:00000003
"MJEXPBJ"=dword:00000003
"ERHCRDI"=dword:00000003
"Adobe LM Service"=dword:00000003

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
"{03A80B1D-5C6A-42c2-9DFB-81B6005D8023}"="Trend Micro Anti-Spyware Shell Extension"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{23775220-4971-11da-a54f-00022d84329a}]
shell\play\command "C:\Program Files\Windows Media Player\wmplayer.exe" /prefetch:4 /device:DVD "%L"
shell\play\command Files\InterVideo\WinDVD4\WinDVD.exe

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Registration reminder 1.job
C:\WINDOWS\tasks\Registration reminder 2.job
C:\WINDOWS\tasks\Registration reminder 3.job

Completion time: 07-01-18 8:45:35

Trogan

18 Jan 2007, 9:04am

That is clean too. One more scan to rule out any possible Rootkit.

Download and Save Blacklight (https://europe.f-secure.com/blacklight/try.shtml) to your desktop (choose "I ACCEPT" then click "DOWNLOAD" on the website).

Double-click blbeta.exe then accept the agreement, click > "Scan" then > "Next".

You'll see a list of all items found. There will also be a log on your desktop with the name "fsbl.xxxxxxxxxxxxxx.log" (the xxxxxxxxxxxxxx stand for numbers).

Copy and paste this log in your next reply. Don't choose the rename option yet! I want to see the log first, because legitimate items can also be present there, such as "wbemtest.exe"

billthompson

18 Jan 2007, 9:16am

ok, thanks Trog,

I've got to run to work but will post the results around noon...computer just hung (sigh)...maybe it's just old :[

Thanks for your help again,

Bill

Trogan

18 Jan 2007, 9:19am

No problem! :)

billthompson

18 Jan 2007, 12:12pm

Hi Trog,

Well, it said nothing found but the log looks weird...should I run it again?

01/18/07 09:26:52 [Info]: BlackLight Engine 1.0.55 initialized
01/18/07 09:26:52 [Info]: OS: 5.1 build 2600 (Service Pack 1)
01/18/07 09:26:52 [Note]: 7019 4
01/18/07 09:26:52 [Note]: 7005 0
01/18/07 09:26:56 [Note]: 7006 0
01/18/07 09:26:56 [Note]: 7011 1348
01/18/07 09:26:56 [Note]: 7026 0
01/18/07 09:26:56 [Note]: 7026 0
01/18/07 09:27:06 [Note]: FSRAW library version 1.7.1021
01/18/07 09:27:07 [Note]: 4000 5
01/18/07 09:27:07 [Note]: 4007 5
01/18/07 09:27:07 [Error]: 4028 5
01/18/07 09:27:08 [Note]: 4000 5
01/18/07 09:27:08 [Note]: 4007 5
01/18/07 09:27:08 [Error]: 4028 5
01/18/07 09:27:09 [Note]: 4000 5
01/18/07 09:27:09 [Note]: 4007 5
01/18/07 09:27:09 [Error]: 4028 5
01/18/07 09:27:09 [Note]: 4000 5
01/18/07 09:27:09 [Note]: 4007 5
01/18/07 09:27:09 [Error]: 4028 5
01/18/07 09:27:09 [Note]: 4000 5
01/18/07 09:27:10 [Note]: 4007 5
01/18/07 09:27:10 [Error]: 4028 5
01/18/07 09:27:10 [Note]: 4000 5
01/18/07 09:27:10 [Note]: 4007 5
01/18/07 09:27:10 [Error]: 4028 5
01/18/07 09:27:10 [Note]: 4000 5
01/18/07 09:27:11 [Note]: 4007 5
01/18/07 09:27:11 [Error]: 4028 5
01/18/07 09:27:11 [Note]: 4000 5
01/18/07 09:27:11 [Note]: 4007 5
01/18/07 09:27:11 [Error]: 4028 5
01/18/07 09:27:11 [Note]: 4000 5
01/18/07 09:27:11 [Note]: 4007 5
01/18/07 09:27:11 [Error]: 4028 5
01/18/07 09:27:12 [Note]: 4000 5
01/18/07 09:27:12 [Note]: 4007 5
01/18/07 09:27:12 [Error]: 4028 5
01/18/07 09:27:12 [Note]: 4000 5
01/18/07 09:27:12 [Note]: 4007 5
01/18/07 09:27:12 [Error]: 4028 5
01/18/07 09:27:13 [Note]: 4000 5
01/18/07 09:27:13 [Note]: 4007 5
01/18/07 09:27:13 [Error]: 4028 5
01/18/07 09:27:13 [Note]: 4000 5
01/18/07 09:27:13 [Note]: 4007 5
01/18/07 09:27:13 [Error]: 4028 5
01/18/07 09:27:13 [Note]: 4000 5
01/18/07 09:27:13 [Note]: 4007 5
01/18/07 09:27:13 [Error]: 4028 5
01/18/07 09:27:14 [Note]: 4000 5
01/18/07 09:27:14 [Note]: 4007 5
01/18/07 09:27:14 [Error]: 4028 5
01/18/07 09:27:14 [Note]: 4000 5
01/18/07 09:27:14 [Note]: 4007 5
01/18/07 09:27:14 [Error]: 4028 5
01/18/07 09:27:16 [Note]: 4000 5
01/18/07 09:27:16 [Note]: 4007 5
01/18/07 09:27:16 [Error]: 4028 5
01/18/07 09:27:18 [Note]: 4000 5
01/18/07 09:27:18 [Note]: 4007 5
01/18/07 09:27:18 [Error]: 4028 5
01/18/07 09:27:20 [Note]: 4000 5
01/18/07 09:27:20 [Note]: 4007 5
01/18/07 09:27:20 [Error]: 4028 5
01/18/07 09:27:22 [Note]: 4000 5
01/18/07 09:27:22 [Note]: 4007 5
01/18/07 09:27:22 [Error]: 4028 5
01/18/07 09:27:23 [Note]: 4000 5
01/18/07 09:27:23 [Note]: 4007 5
01/18/07 09:27:23 [Error]: 4028 5
01/18/07 09:27:26 [Note]: 4000 5
01/18/07 09:27:26 [Note]: 4007 5
01/18/07 09:27:26 [Error]: 4028 5
01/18/07 09:27:27 [Note]: 4000 5
01/18/07 09:27:27 [Note]: 4007 5
01/18/07 09:27:27 [Error]: 4028 5
01/18/07 09:27:28 [Note]: 4000 5
01/18/07 09:27:28 [Note]: 4007 5
01/18/07 09:27:28 [Error]: 4028 5
01/18/07 09:27:30 [Note]: 4000 5
01/18/07 09:27:30 [Note]: 4007 5
01/18/07 09:27:30 [Error]: 4028 5
01/18/07 09:27:31 [Note]: 4000 5
01/18/07 09:27:31 [Note]: 4007 5
01/18/07 09:27:31 [Error]: 4028 5
01/18/07 09:27:32 [Note]: 4000 5
01/18/07 09:27:32 [Note]: 4007 5
01/18/07 09:27:32 [Error]: 4028 5
01/18/07 09:27:33 [Note]: 4000 5
01/18/07 09:27:33 [Note]: 4007 5
01/18/07 09:27:33 [Error]: 4028 5
01/18/07 09:27:36 [Note]: 4000 5
01/18/07 09:27:36 [Note]: 4007 5
01/18/07 09:27:36 [Error]: 4028 5
01/18/07 09:27:37 [Note]: 4000 5
01/18/07 09:27:37 [Note]: 4007 5
01/18/07 09:27:37 [Error]: 4028 5
01/18/07 09:27:38 [Note]: 4000 5
01/18/07 09:27:38 [Note]: 4007 5
01/18/07 09:27:38 [Error]: 4028 5
01/18/07 09:27:40 [Note]: 4000 5
01/18/07 09:27:40 [Note]: 4007 5
01/18/07 09:27:40 [Error]: 4028 5
01/18/07 09:27:41 [Note]: 4000 5
01/18/07 09:27:41 [Note]: 4007 5
01/18/07 09:27:41 [Error]: 4028 5
01/18/07 09:27:42 [Note]: 4000 5
01/18/07 09:27:42 [Note]: 4007 5
01/18/07 09:27:42 [Error]: 4028 5
01/18/07 09:27:43 [Note]: 4000 5
01/18/07 09:27:43 [Note]: 4007 5
01/18/07 09:27:43 [Error]: 4028 5
01/18/07 09:27:44 [Note]: 4000 5
01/18/07 09:27:44 [Note]: 4007 5
01/18/07 09:27:44 [Error]: 4028 5
01/18/07 09:27:46 [Note]: 4000 5
01/18/07 09:27:46 [Note]: 4007 5
01/18/07 09:27:46 [Error]: 4028 5
01/18/07 09:27:47 [Note]: 4000 5
01/18/07 09:27:47 [Note]: 4007 5
01/18/07 09:27:47 [Error]: 4028 5
01/18/07 09:27:48 [Note]: 4000 5
01/18/07 09:27:48 [Note]: 4007 5
01/18/07 09:27:48 [Error]: 4028 5
01/18/07 09:27:50 [Note]: 4000 5
01/18/07 09:27:50 [Note]: 4007 5
01/18/07 09:27:50 [Error]: 4028 5
01/18/07 09:27:52 [Note]: 4000 5
01/18/07 09:27:52 [Note]: 4007 5
01/18/07 09:27:52 [Error]: 4028 5
01/18/07 09:27:53 [Note]: 4000 5
01/18/07 09:27:53 [Note]: 4007 5
01/18/07 09:27:53 [Error]: 4028 5
01/18/07 09:27:55 [Note]: 4000 5
01/18/07 09:27:55 [Note]: 4007 5
01/18/07 09:27:55 [Error]: 4028 5
01/18/07 09:27:56 [Note]: 4000 5
01/18/07 09:27:56 [Note]: 4007 5
01/18/07 09:27:56 [Error]: 4028 5
01/18/07 09:27:58 [Note]: 4000 5
01/18/07 09:27:58 [Note]: 4007 5
01/18/07 09:27:58 [Error]: 4028 5
01/18/07 09:28:00 [Note]: 4000 5
01/18/07 09:28:00 [Note]: 4007 5
01/18/07 09:28:00 [Error]: 4028 5
01/18/07 09:28:01 [Note]: 4000 5
01/18/07 09:28:01 [Note]: 4007 5
01/18/07 09:28:01 [Error]: 4028 5
01/18/07 09:28:03 [Note]: 4000 5
01/18/07 09:28:03 [Note]: 4007 5
01/18/07 09:28:03 [Error]: 4028 5
01/18/07 09:28:06 [Note]: 4000 5
01/18/07 09:28:06 [Note]: 4007 5
01/18/07 09:28:06 [Error]: 4028 5
01/18/07 09:28:08 [Note]: 4000 5
01/18/07 09:28:08 [Note]: 4007 5
01/18/07 09:28:08 [Error]: 4028 5
01/18/07 09:28:09 [Note]: 4000 5
01/18/07 09:28:09 [Note]: 4007 5
01/18/07 09:28:09 [Error]: 4028 5
01/18/07 09:28:11 [Note]: 4000 5
01/18/07 09:28:11 [Note]: 4007 5
01/18/07 09:28:11 [Error]: 4028 5
01/18/07 09:28:12 [Note]: 4000 5
01/18/07 09:28:12 [Note]: 4007 5
01/18/07 09:28:12 [Error]: 4028 5
01/18/07 09:28:13 [Note]: 4000 5
01/18/07 09:28:13 [Note]: 4007 5
01/18/07 09:28:13 [Error]: 4028 5
01/18/07 09:28:15 [Note]: 4000 5
01/18/07 09:28:15 [Note]: 4007 5
01/18/07 09:28:15 [Error]: 4028 5
01/18/07 09:28:16 [Note]: 4000 5
01/18/07 09:28:17 [Note]: 4007 5
01/18/07 09:28:17 [Error]: 4028 5
01/18/07 09:28:18 [Note]: 4000 5
01/18/07 09:28:18 [Note]: 4007 5
01/18/07 09:28:18 [Error]: 4028 5
01/18/07 09:28:19 [Note]: 4000 5
01/18/07 09:28:19 [Note]: 4007 5
01/18/07 09:28:19 [Error]: 4028 5
01/18/07 09:28:21 [Note]: 4000 5
01/18/07 09:28:21 [Note]: 4007 5
01/18/07 09:28:21 [Error]: 4028 5
01/18/07 09:28:22 [Note]: 4000 5
01/18/07 09:28:22 [Note]: 4007 5
01/18/07 09:28:22 [Error]: 4028 5
01/18/07 09:28:24 [Note]: 4000 5
01/18/07 09:28:24 [Note]: 4007 5
01/18/07 09:28:24 [Error]: 4028 5
01/18/07 09:28:25 [Note]: 4000 5
01/18/07 09:28:25 [Note]: 4007 5
01/18/07 09:28:25 [Error]: 4028 5
01/18/07 09:28:26 [Note]: 4000 5
01/18/07 09:28:26 [Note]: 4007 5
01/18/07 09:28:26 [Error]: 4028 5
01/18/07 09:28:27 [Note]: 4000 5
01/18/07 09:28:28 [Note]: 4007 5
01/18/07 09:28:28 [Error]: 4028 5
01/18/07 09:28:29 [Note]: 4000 5
01/18/07 09:28:29 [Note]: 4007 5
01/18/07 09:28:29 [Error]: 4028 5
01/18/07 09:28:31 [Note]: 4000 5
01/18/07 09:28:31 [Note]: 4007 5
01/18/07 09:28:31 [Error]: 4028 5
01/18/07 09:28:32 [Note]: 4000 5
01/18/07 09:28:32 [Note]: 4007 5
01/18/07 09:28:32 [Error]: 4028 5
01/18/07 09:28:35 [Note]: 4000 5
01/18/07 09:28:35 [Note]: 4007 5
01/18/07 09:28:35 [Error]: 4028 5
01/18/07 09:28:38 [Note]: 4000 5
01/18/07 09:28:38 [Note]: 4007 5
01/18/07 09:28:38 [Error]: 4028 5
01/18/07 09:28:42 [Note]: 4000 5
01/18/07 09:28:42 [Note]: 4007 5
01/18/07 09:28:42 [Error]: 4028 5
01/18/07 09:28:45 [Note]: 4000 5
01/18/07 09:28:45 [Note]: 4007 5
01/18/07 09:28:45 [Error]: 4028 5
01/18/07 09:28:48 [Note]: 4000 5
01/18/07 09:28:48 [Note]: 4007 5
01/18/07 09:28:48 [Error]: 4028 5
01/18/07 09:28:51 [Note]: 4000 5
01/18/07 09:28:51 [Note]: 4007 5
01/18/07 09:28:51 [Error]: 4028 5
01/18/07 09:28:54 [Note]: 4000 5
01/18/07 09:28:54 [Note]: 4007 5
01/18/07 09:28:54 [Error]: 4028 5
01/18/07 09:28:57 [Note]: 4000 5
01/18/07 09:28:57 [Note]: 4007 5
01/18/07 09:28:57 [Error]: 4028 5
01/18/07 09:29:01 [Note]: 4000 5
01/18/07 09:29:01 [Note]: 4007 5
01/18/07 09:29:01 [Error]: 4028 5
01/18/07 09:29:04 [Note]: 4000 5
01/18/07 09:29:04 [Note]: 4007 5
01/18/07 09:29:04 [Error]: 4028 5
01/18/07 09:29:07 [Note]: 4000 5
01/18/07 09:29:07 [Note]: 4007 5
01/18/07 09:29:07 [Error]: 4028 5
01/18/07 09:29:10 [Note]: 4000 5
01/18/07 09:29:10 [Note]: 4007 5
01/18/07 09:29:10 [Error]: 4028 5
01/18/07 09:29:13 [Note]: 4000 5
01/18/07 09:29:13 [Note]: 4007 5
01/18/07 09:29:13 [Error]: 4028 5
01/18/07 09:29:17 [Note]: 4000 5
01/18/07 09:29:17 [Note]: 4007 5
01/18/07 09:29:17 [Error]: 4028 5
01/18/07 09:29:20 [Note]: 4000 5
01/18/07 09:29:20 [Note]: 4007 5
01/18/07 09:29:20 [Error]: 4028 5
01/18/07 09:29:23 [Note]: 4000 5
01/18/07 09:29:23 [Note]: 4007 5
01/18/07 09:29:23 [Error]: 4028 5
01/18/07 09:29:26 [Note]: 4000 5
01/18/07 09:29:26 [Note]: 4007 5
01/18/07 09:29:26 [Error]: 4028 5
01/18/07 09:29:29 [Note]: 4000 5
01/18/07 09:29:29 [Note]: 4007 5
01/18/07 09:29:29 [Error]: 4028 5
01/18/07 09:29:33 [Note]: 4000 5
01/18/07 09:29:33 [Note]: 4007 5
01/18/07 09:29:33 [Error]: 4028 5
01/18/07 09:29:36 [Note]: 4000 5
01/18/07 09:29:36 [Note]: 4007 5
01/18/07 09:29:36 [Error]: 4028 5
01/18/07 09:29:39 [Note]: 4000 5
01/18/07 09:29:39 [Note]: 4007 5
01/18/07 09:29:39 [Error]: 4028 5
01/18/07 09:29:42 [Note]: 4000 5
01/18/07 09:29:42 [Note]: 4007 5
01/18/07 09:29:42 [Error]: 4028 5
01/18/07 09:29:46 [Note]: 4000 5
01/18/07 09:29:46 [Note]: 4007 5
01/18/07 09:29:46 [Error]: 4028 5
01/18/07 09:29:49 [Note]: 4000 5
01/18/07 09:29:49 [Note]: 4007 5
01/18/07 09:29:49 [Error]: 4028 5
01/18/07 09:29:52 [Note]: 4000 5
01/18/07 09:29:52 [Note]: 4007 5
01/18/07 09:29:52 [Error]: 4028 5
01/18/07 09:29:55 [Note]: 4000 5
01/18/07 09:29:55 [Note]: 4007 5
01/18/07 09:29:55 [Error]: 4028 5
01/18/07 09:29:59 [Note]: 4000 5
01/18/07 09:29:59 [Note]: 4007 5
01/18/07 09:29:59 [Error]: 4028 5
01/18/07 09:30:02 [Note]: 4000 5
01/18/07 09:30:02 [Note]: 4007 5
01/18/07 09:30:02 [Error]: 4028 5
01/18/07 09:30:05 [Note]: 4000 5
01/18/07 09:30:05 [Note]: 4007 5
01/18/07 09:30:05 [Error]: 4028 5
01/18/07 09:30:09 [Note]: 4000 5
01/18/07 09:30:09 [Note]: 4007 5
01/18/07 09:30:09 [Error]: 4028 5
01/18/07 09:30:12 [Note]: 4000 5
01/18/07 09:30:12 [Note]: 4007 5
01/18/07 09:30:12 [Error]: 4028 5
01/18/07 09:30:15 [Note]: 4000 5
01/18/07 09:30:15 [Note]: 4007 5
01/18/07 09:30:15 [Error]: 4028 5
01/18/07 09:30:18 [Note]: 4000 5
01/18/07 09:30:18 [Note]: 4007 5
01/18/07 09:30:18 [Error]: 4028 5
01/18/07 09:30:22 [Note]: 4000 5
01/18/07 09:30:22 [Note]: 4007 5
01/18/07 09:30:22 [Error]: 4028 5
01/18/07 09:30:25 [Note]: 4000 5
01/18/07 09:30:25 [Note]: 4007 5
01/18/07 09:30:25 [Error]: 4028 5
01/18/07 09:30:28 [Note]: 4000 5
01/18/07 09:30:28 [Note]: 4007 5
01/18/07 09:30:28 [Error]: 4028 5
01/18/07 09:30:32 [Note]: 4000 5
01/18/07 09:30:32 [Note]: 4007 5
01/18/07 09:30:32 [Error]: 4028 5
01/18/07 09:30:35 [Note]: 4000 5
01/18/07 09:30:35 [Note]: 4007 5
01/18/07 09:30:35 [Error]: 4028 5
01/18/07 09:30:38 [Note]: 4000 5
01/18/07 09:30:39 [Note]: 4007 5
01/18/07 09:30:39 [Error]: 4028 5
01/18/07 09:30:42 [Note]: 4000 5
01/18/07 09:30:42 [Note]: 4007 5
01/18/07 09:30:42 [Error]: 4028 5
01/18/07 09:30:45 [Note]: 4000 5
01/18/07 09:30:45 [Note]: 4007 5
01/18/07 09:30:45 [Error]: 4028 5
01/18/07 09:30:49 [Note]: 4000 5
01/18/07 09:30:49 [Note]: 4007 5
01/18/07 09:30:49 [Error]: 4028 5
01/18/07 09:30:52 [Note]: 4000 5
01/18/07 09:30:52 [Note]: 4007 5
01/18/07 09:30:52 [Error]: 4028 5
01/18/07 09:30:56 [Note]: 4000 5
01/18/07 09:30:56 [Note]: 4007 5
01/18/07 09:30:56 [Error]: 4028 5
01/18/07 09:30:59 [Note]: 4000 5
01/18/07 09:30:59 [Note]: 4007 5
01/18/07 09:30:59 [Error]: 4028 5
01/18/07 09:31:02 [Note]: 4000 5
01/18/07 09:31:02 [Note]: 4007 5
01/18/07 09:31:02 [Error]: 4028 5
01/18/07 09:31:06 [Note]: 4000 5
01/18/07 09:31:06 [Note]: 4007 5
01/18/07 09:31:06 [Error]: 4028 5
01/18/07 09:31:09 [Note]: 4000 5
01/18/07 09:31:09 [Note]: 4007 5
01/18/07 09:31:09 [Error]: 4028 5
01/18/07 09:31:12 [Note]: 4000 5
01/18/07 09:31:12 [Note]: 4007 5
01/18/07 09:31:12 [Error]: 4028 5
01/18/07 09:31:16 [Note]: 4000 5
01/18/07 09:31:16 [Note]: 4007 5
01/18/07 09:31:16 [Error]: 4028 5
01/18/07 09:31:19 [Note]: 4000 5
01/18/07 09:31:19 [Note]: 4007 5
01/18/07 09:31:19 [Error]: 4028 5
01/18/07 09:31:23 [Note]: 4000 5
01/18/07 09:31:23 [Note]: 4007 5
01/18/07 09:31:23 [Error]: 4028 5
01/18/07 09:31:26 [Note]: 4000 5
01/18/07 09:31:26 [Note]: 4007 5
01/18/07 09:31:26 [Error]: 4028 5
01/18/07 09:31:30 [Note]: 4000 5
01/18/07 09:31:30 [Note]: 4007 5
01/18/07 09:31:30 [Error]: 4028 5
01/18/07 09:31:33 [Note]: 4000 5
01/18/07 09:31:33 [Note]: 4007 5
01/18/07 09:31:33 [Error]: 4028 5
01/18/07 09:31:36 [Note]: 4000 5
01/18/07 09:31:36 [Note]: 4007 5
01/18/07 09:31:36 [Error]: 4028 5
01/18/07 09:31:40 [Note]: 4000 5
01/18/07 09:31:40 [Note]: 4007 5
01/18/07 09:31:40 [Error]: 4028 5
01/18/07 09:31:44 [Note]: 4000 5
01/18/07 09:31:44 [Note]: 4007 5
01/18/07 09:31:44 [Error]: 4028 5
01/18/07 09:31:46 [Note]: 4000 5
01/18/07 09:31:46 [Note]: 4007 5
01/18/07 09:31:46 [Error]: 4028 5
01/18/07 09:31:50 [Note]: 4000 5
01/18/07 09:31:50 [Note]: 4007 5
01/18/07 09:31:50 [Error]: 4028 5
01/18/07 09:31:53 [Note]: 4000 5
01/18/07 09:31:53 [Note]: 4007 5
01/18/07 09:31:53 [Error]: 4028 5
01/18/07 09:31:56 [Note]: 4000 5
01/18/07 09:31:56 [Note]: 4007 5
01/18/07 09:31:56 [Error]: 4028 5
01/18/07 09:32:00 [Note]: 4000 5
01/18/07 09:32:00 [Note]: 4007 5
01/18/07 09:32:00 [Error]: 4028 5
01/18/07 09:32:04 [Note]: 4000 5
01/18/07 09:32:04 [Note]: 4007 5
01/18/07 09:32:04 [Error]: 4028 5
01/18/07 09:32:07 [Note]: 4000 5
01/18/07 09:32:07 [Note]: 4007 5
01/18/07 09:32:07 [Error]: 4028 5
01/18/07 09:32:11 [Note]: 4000 5
01/18/07 09:32:11 [Note]: 4007 5
01/18/07 09:32:11 [Error]: 4028 5
01/18/07 09:32:15 [Note]: 4000 5
01/18/07 09:32:15 [Note]: 4007 5
01/18/07 09:32:15 [Error]: 4028 5
01/18/07 09:32:19 [Note]: 4000 5
01/18/07 09:32:19 [Note]: 4007 5
01/18/07 09:32:19 [Error]: 4028 5
01/18/07 09:32:22 [Note]: 4000 5
01/18/07 09:32:22 [Note]: 4007 5
01/18/07 09:32:22 [Error]: 4028 5
01/18/07 09:32:25 [Note]: 4000 5
01/18/07 09:32:25 [Note]: 4007 5
01/18/07 09:32:25 [Error]: 4028 5
01/18/07 09:32:29 [Note]: 4000 5
01/18/07 09:32:29 [Note]: 4007 5
01/18/07 09:32:29 [Error]: 4028 5
01/18/07 09:32:32 [Note]: 4000 5
01/18/07 09:32:32 [Note]: 4007 5
01/18/07 09:32:32 [Error]: 4028 5
01/18/07 09:32:36 [Note]: 4000 5
01/18/07 09:32:36 [Note]: 4007 5
01/18/07 09:32:36 [Error]: 4028 5
01/18/07 09:32:39 [Note]: 4000 5
01/18/07 09:32:39 [Note]: 4007 5
01/18/07 09:32:39 [Error]: 4028 5
01/18/07 09:32:43 [Note]: 4000 5
01/18/07 09:32:43 [Note]: 4007 5
01/18/07 09:32:43 [Error]: 4028 5
01/18/07 09:32:46 [Note]: 4000 5
01/18/07 09:32:46 [Note]: 4007 5
01/18/07 09:32:46 [Error]: 4028 5
01/18/07 09:32:49 [Note]: 4000 5
01/18/07 09:32:49 [Note]: 4007 5
01/18/07 09:32:49 [Error]: 4028 5
01/18/07 09:32:52 [Note]: 4000 5
01/18/07 09:32:52 [Note]: 4007 5
01/18/07 09:32:52 [Error]: 4028 5
01/18/07 09:32:56 [Note]: 4000 5
01/18/07 09:32:56 [Note]: 4007 5
01/18/07 09:32:56 [Error]: 4028 5
01/18/07 09:32:59 [Note]: 4000 5
01/18/07 09:32:59 [Note]: 4007 5
01/18/07 09:32:59 [Error]: 4028 5
01/18/07 09:33:01 [Note]: 4000 5
01/18/07 09:33:01 [Note]: 4007 5
01/18/07 09:33:01 [Error]: 4028 5
01/18/07 09:33:03 [Note]: 4000 5
01/18/07 09:33:03 [Note]: 4007 5
01/18/07 09:33:03 [Error]: 4028 5
01/18/07 09:33:06 [Note]: 4000 5
01/18/07 09:33:06 [Note]: 4007 5
01/18/07 09:33:06 [Error]: 4028 5
01/18/07 09:33:09 [Note]: 4000 5
01/18/07 09:33:09 [Note]: 4007 5
01/18/07 09:33:09 [Error]: 4028 5
01/18/07 09:33:11 [Note]: 4000 5
01/18/07 09:33:11 [Note]: 4007 5
01/18/07 09:33:11 [Error]: 4028 5
01/18/07 09:33:13 [Note]: 4000 5
01/18/07 09:33:14 [Note]: 4007 5
01/18/07 09:33:14 [Error]: 4028 5
01/18/07 09:33:16 [Note]: 4000 5
01/18/07 09:33:16 [Note]: 4007 5
01/18/07 09:33:16 [Error]: 4028 5
01/18/07 09:33:18 [Note]: 4000 5
01/18/07 09:33:18 [Note]: 4007 5
01/18/07 09:33:18 [Error]: 4028 5
01/18/07 09:33:20 [Note]: 4000 5
01/18/07 09:33:21 [Note]: 4007 5
01/18/07 09:33:21 [Error]: 4028 5
01/18/07 09:33:23 [Note]: 4000 5
01/18/07 09:33:23 [Note]: 4007 5
01/18/07 09:33:23 [Error]: 4028 5
01/18/07 09:33:26 [Note]: 4000 5
01/18/07 09:33:26 [Note]: 4007 5
01/18/07 09:33:26 [Error]: 4028 5
01/18/07 09:33:29 [Note]: 4000 5
01/18/07 09:33:29 [Note]: 4007 5
01/18/07 09:33:29 [Error]: 4028 5
01/18/07 09:33:31 [Note]: 4000 5
01/18/07 09:33:31 [Note]: 4007 5
01/18/07 09:33:31 [Error]: 4028 5
01/18/07 09:33:34 [Note]: 4000 5
01/18/07 09:33:34 [Note]: 4007 5
01/18/07 09:33:34 [Error]: 4028 5
01/18/07 09:33:36 [Note]: 4000 5
01/18/07 09:33:36 [Note]: 4007 5
01/18/07 09:33:36 [Error]: 4028 5
01/18/07 09:33:38 [Note]: 4000 5
01/18/07 09:33:38 [Note]: 4007 5
01/18/07 09:33:38 [Error]: 4028 5
01/18/07 09:33:40 [Note]: 4000 5
01/18/07 09:33:40 [Note]: 4007 5
01/18/07 09:33:40 [Error]: 4028 5
01/18/07 09:33:42 [Note]: 4000 5
01/18/07 09:33:42 [Note]: 4007 5
01/18/07 09:33:42 [Error]: 4028 5
01/18/07 09:33:44 [Note]: 4000 5
01/18/07 09:33:44 [Note]: 4007 5
01/18/07 09:33:44 [Error]: 4028 5
01/18/07 09:33:45 [Note]: 4000 5
01/18/07 09:33:46 [Note]: 4007 5
01/18/07 09:33:46 [Error]: 4028 5
01/18/07 09:33:48 [Note]: 4000 5
01/18/07 09:33:48 [Note]: 4007 5
01/18/07 09:33:48 [Error]: 4028 5
01/18/07 09:33:50 [Note]: 4000 5
01/18/07 09:33:50 [Note]: 4007 5
01/18/07 09:33:50 [Error]: 4028 5
01/18/07 09:33:51 [Note]: 4000 5
01/18/07 09:33:51 [Note]: 4007 5
01/18/07 09:33:51 [Error]: 4028 5
01/18/07 09:33:53 [Note]: 4000 5
01/18/07 09:33:53 [Note]: 4007 5
01/18/07 09:33:53 [Error]: 4028 5
01/18/07 09:33:55 [Note]: 4000 5
01/18/07 09:33:55 [Note]: 4007 5
01/18/07 09:33:55 [Error]: 4028 5
01/18/07 09:33:57 [Note]: 4000 5
01/18/07 09:33:57 [Note]: 4007 5
01/18/07 09:33:57 [Error]: 4028 5
01/18/07 09:33:59 [Note]: 4000 5
01/18/07 09:33:59 [Note]: 4007 5
01/18/07 09:33:59 [Error]: 4028 5
01/18/07 09:34:01 [Note]: 4000 5
01/18/07 09:34:01 [Note]: 4007 5
01/18/07 09:34:01 [Error]: 4028 5
01/18/07 09:34:04 [Note]: 4000 5
01/18/07 09:34:04 [Note]: 4007 5
01/18/07 09:34:04 [Error]: 4028 5
01/18/07 09:34:06 [Note]: 4000 5
01/18/07 09:34:06 [Note]: 4007 5
01/18/07 09:34:06 [Error]: 4028 5
01/18/07 09:34:08 [Note]: 4000 5
01/18/07 09:34:08 [Note]: 4007 5
01/18/07 09:34:08 [Error]: 4028 5
01/18/07 09:34:10 [Note]: 4000 5
01/18/07 09:34:10 [Note]: 4007 5
01/18/07 09:34:10 [Error]: 4028 5
01/18/07 09:34:12 [Note]: 4000 5
01/18/07 09:34:12 [Note]: 4007 5
01/18/07 09:34:12 [Error]: 4028 5
01/18/07 09:34:14 [Note]: 4000 5
01/18/07 09:34:14 [Note]: 4007 5
01/18/07 09:34:14 [Error]: 4028 5
01/18/07 09:34:16 [Note]: 4000 5
01/18/07 09:34:16 [Note]: 4007 5
01/18/07 09:34:16 [Error]: 4028 5
01/18/07 09:34:19 [Note]: 4000 5
01/18/07 09:34:19 [Note]: 4007 5
01/18/07 09:34:19 [Error]: 4028 5
01/18/07 09:34:21 [Note]: 4000 5
01/18/07 09:34:21 [Note]: 4007 5
01/18/07 09:34:21 [Error]: 4028 5
01/18/07 09:34:23 [Note]: 4000 5
01/18/07 09:34:23 [Note]: 4007 5
01/18/07 09:34:23 [Error]: 4028 5
01/18/07 09:34:27 [Note]: 4000 5
01/18/07 09:34:27 [Note]: 4007 5
01/18/07 09:34:27 [Error]: 4028 5
01/18/07 09:34:30 [Note]: 4000 5
01/18/07 09:34:30 [Note]: 4007 5
01/18/07 09:34:30 [Error]: 4028 5
01/18/07 09:34:33 [Note]: 4000 5
01/18/07 09:34:34 [Note]: 4007 5
01/18/07 09:34:34 [Error]: 4028 5
01/18/07 09:34:37 [Note]: 4000 5
01/18/07 09:34:37 [Note]: 4007 5
01/18/07 09:34:37 [Error]: 4028 5
01/18/07 09:34:40 [Note]: 4000 5
01/18/07 09:34:40 [Note]: 4007 5
01/18/07 09:34:40 [Error]: 4028 5
01/18/07 09:34:44 [Note]: 4000 5
01/18/07 09:34:44 [Note]: 4007 5
01/18/07 09:34:44 [Error]: 4028 5
01/18/07 09:34:47 [Note]: 4000 5
01/18/07 09:34:47 [Note]: 4007 5
01/18/07 09:34:47 [Error]: 4028 5
01/18/07 09:34:51 [Note]: 4000 5
01/18/07 09:34:51 [Note]: 4007 5
01/18/07 09:34:51 [Error]: 4028 5
01/18/07 09:34:54 [Note]: 4000 5
01/18/07 09:34:54 [Note]: 4007 5
01/18/07 09:34:54 [Error]: 4028 5
01/18/07 09:34:57 [Note]: 4000 5
01/18/07 09:34:58 [Note]: 4007 5
01/18/07 09:34:58 [Error]: 4028 5
01/18/07 09:34:59 [Note]: 4000 5
01/18/07 09:34:59 [Note]: 4007 5
01/18/07 09:34:59 [Error]: 4028 5
01/18/07 09:35:02 [Note]: 4000 5
01/18/07 09:35:02 [Note]: 4007 5
01/18/07 09:35:02 [Error]: 4028 5
01/18/07 09:35:03 [Note]: 4000 5
01/18/07 09:35:03 [Note]: 4007 5
01/18/07 09:35:03 [Error]: 4028 5
01/18/07 09:35:04 [Note]: 4000 5
01/18/07 09:35:04 [Note]: 4007 5
01/18/07 09:35:04 [Error]: 4028 5
01/18/07 09:35:06 [Note]: 4000 5
01/18/07 09:35:06 [Note]: 4007 5
01/18/07 09:35:06 [Error]: 4028 5
01/18/07 09:35:08 [Note]: 4000 5
01/18/07 09:35:08 [Note]: 4007 5
01/18/07 09:35:08 [Error]: 4028 5
01/18/07 09:35:11 [Note]: 4000 5
01/18/07 09:35:11 [Note]: 4007 5
01/18/07 09:35:11 [Error]: 4028 5
01/18/07 09:35:12 [Note]: 4000 5
01/18/07 09:35:12 [Note]: 4007 5
01/18/07 09:35:12 [Error]: 4028 5
01/18/07 09:35:14 [Note]: 4000 5
01/18/07 09:35:14 [Note]: 4007 5
01/18/07 09:35:14 [Error]: 4028 5
01/18/07 09:35:16 [Note]: 4000 5
01/18/07 09:35:16 [Note]: 4007 5
01/18/07 09:35:16 [Error]: 4028 5
01/18/07 09:35:18 [Note]: 4000 5
01/18/07 09:35:18 [Note]: 4007 5
01/18/07 09:35:18 [Error]: 4028 5
01/18/07 09:35:19 [Note]: 4000 5
01/18/07 09:35:19 [Note]: 4007 5
01/18/07 09:35:19 [Error]: 4028 5
01/18/07 09:35:21 [Note]: 4000 5
01/18/07 09:35:21 [Note]: 4007 5
01/18/07 09:35:21 [Error]: 4028 5
01/18/07 09:35:23 [Note]: 4000 5
01/18/07 09:35:23 [Note]: 4007 5
01/18/07 09:35:23 [Error]: 4028 5
01/18/07 09:35:24 [Note]: 4000 5
01/18/07 09:35:24 [Note]: 4007 5
01/18/07 09:35:24 [Error]: 4028 5
01/18/07 09:35:27 [Note]: 4000 5
01/18/07 09:35:27 [Note]: 4007 5
01/18/07 09:35:27 [Error]: 4028 5
01/18/07 09:35:30 [Note]: 4000 5
01/18/07 09:35:30 [Note]: 4007 5
01/18/07 09:35:30 [Error]: 4028 5
01/18/07 09:35:33 [Note]: 4000 5
01/18/07 09:35:33 [Note]: 4007 5
01/18/07 09:35:33 [Error]: 4028 5
01/18/07 09:35:36 [Note]: 4000 5
01/18/07 09:35:36 [Note]: 4007 5
01/18/07 09:35:36 [Error]: 4028 5
01/18/07 09:35:39 [Note]: 4000 5
01/18/07 09:35:39 [Note]: 4007 5
01/18/07 09:35:39 [Error]: 4028 5
01/18/07 09:35:41 [Note]: 4000 5
01/18/07 09:35:41 [Note]: 4007 5
01/18/07 09:35:41 [Error]: 4028 5
01/18/07 09:35:44 [Note]: 4000 5
01/18/07 09:35:44 [Note]: 4007 5
01/18/07 09:35:44 [Error]: 4028 5
01/18/07 09:35:47 [Note]: 4000 5
01/18/07 09:35:47 [Note]: 4007 5
01/18/07 09:35:47 [Error]: 4028 5
01/18/07 09:35:50 [Note]: 4000 5
01/18/07 09:35:50 [Note]: 4007 5
01/18/07 09:35:50 [Error]: 4028 5
01/18/07 09:35:53 [Note]: 4000 5
01/18/07 09:35:53 [Note]: 4007 5
01/18/07 09:35:53 [Error]: 4028 5
01/18/07 09:35:55 [Note]: 4000 5
01/18/07 09:35:56 [Note]: 4007 5
01/18/07 09:35:56 [Error]: 4028 5
01/18/07 09:35:59 [Note]: 4000 5
01/18/07 09:35:59 [Note]: 4007 5
01/18/07 09:35:59 [Error]: 4028 5
01/18/07 09:36:01 [Note]: 4000 5
01/18/07 09:36:01 [Note]: 4007 5
01/18/07 09:36:01 [Error]: 4028 5
01/18/07 09:36:04 [Note]: 4000 5
01/18/07 09:36:04 [Note]: 4007 5
01/18/07 09:36:04 [Error]: 4028 5
01/18/07 09:36:07 [Note]: 4000 5
01/18/07 09:36:07 [Note]: 4007 5
01/18/07 09:36:07 [Error]: 4028 5
01/18/07 09:36:10 [Note]: 4000 5
01/18/07 09:36:10 [Note]: 4007 5
01/18/07 09:36:10 [Error]: 4028 5
01/18/07 09:36:12 [Note]: 4000 5
01/18/07 09:36:12 [Note]: 4007 5
01/18/07 09:36:12 [Error]: 4028 5
01/18/07 09:36:15 [Note]: 4000 5
01/18/07 09:36:15 [Note]: 4007 5
01/18/07 09:36:15 [Error]: 4028 5
01/18/07 09:36:18 [Note]: 4000 5
01/18/07 09:36:18 [Note]: 4007 5
01/18/07 09:36:18 [Error]: 4028 5
01/18/07 09:36:21 [Note]: 4000 5
01/18/07 09:36:21 [Note]: 4007 5
01/18/07 09:36:21 [Error]: 4028 5
01/18/07 09:36:24 [Note]: 4000 5
01/18/07 09:36:24 [Note]: 4007 5
01/18/07 09:36:24 [Error]: 4028 5
01/18/07 09:36:27 [Note]: 4000 5
01/18/07 09:36:27 [Note]: 4007 5
01/18/07 09:36:27 [Error]: 4028 5
01/18/07 09:36:29 [Note]: 4000 5
01/18/07 09:36:30 [Note]: 4007 5
01/18/07 09:36:30 [Error]: 4028 5
01/18/07 09:36:32 [Note]: 4000 5
01/18/07 09:36:32 [Note]: 4007 5
01/18/07 09:36:32 [Error]: 4028 5
01/18/07 09:36:35 [Note]: 4000 5
01/18/07 09:36:35 [Note]: 4007 5
01/18/07 09:36:35 [Error]: 4028 5
01/18/07 09:36:38 [Note]: 4000 5
01/18/07 09:36:38 [Note]: 4007 5
01/18/07 09:36:38 [Error]: 4028 5
01/18/07 09:36:41 [Note]: 4000 5
01/18/07 09:36:41 [Note]: 4007 5
01/18/07 09:36:41 [Error]: 4028 5
01/18/07 09:36:44 [Note]: 4000 5
01/18/07 09:36:44 [Note]: 4007 5
01/18/07 09:36:44 [Error]: 4028 5
01/18/07 09:36:47 [Note]: 4000 5
01/18/07 09:36:47 [Note]: 4007 5
01/18/07 09:36:47 [Error]: 4028 5
01/18/07 09:36:50 [Note]: 4000 5
01/18/07 09:36:50 [Note]: 4007 5
01/18/07 09:36:50 [Error]: 4028 5
01/18/07 09:36:53 [Note]: 4000 5
01/18/07 09:36:53 [Note]: 4007 5
01/18/07 09:36:53 [Error]: 4028 5
01/18/07 09:36:56 [Note]: 4000 5
01/18/07 09:36:56 [Note]: 4007 5
01/18/07 09:36:56 [Error]: 4028 5
01/18/07 09:36:59 [Note]: 4000 5
01/18/07 09:36:59 [Note]: 4007 5
01/18/07 09:36:59 [Error]: 4028 5
01/18/07 09:37:02 [Note]: 4000 5
01/18/07 09:37:02 [Note]: 4007 5
01/18/07 09:37:02 [Error]: 4028 5
01/18/07 09:37:05 [Note]: 4000 5
01/18/07 09:37:05 [Note]: 4007 5
01/18/07 09:37:05 [Error]: 4028 5
01/18/07 09:37:08 [Note]: 4000 5
01/18/07 09:37:08 [Note]: 4007 5
01/18/07 09:37:08 [Error]: 4028 5
01/18/07 09:37:11 [Note]: 4000 5
01/18/07 09:37:11 [Note]: 4007 5
01/18/07 09:37:11 [Error]: 4028 5
01/18/07 09:37:14 [Note]: 4000 5
01/18/07 09:37:14 [Note]: 4007 5
01/18/07 09:37:14 [Error]: 4028 5
01/18/07 09:37:17 [Note]: 4000 5
01/18/07 09:37:17 [Note]: 4007 5
01/18/07 09:37:17 [Error]: 4028 5
01/18/07 09:37:20 [Note]: 4000 5
01/18/07 09:37:20 [Note]: 4007 5
01/18/07 09:37:20 [Error]: 4028 5
01/18/07 09:37:23 [Note]: 4000 5
01/18/07 09:37:23 [Note]: 4007 5
01/18/07 09:37:23 [Error]: 4028 5
01/18/07 09:37:26 [Note]: 4000 5
01/18/07 09:37:26 [Note]: 4007 5
01/18/07 09:37:26 [Error]: 4028 5
01/18/07 09:37:31 [Note]: 4000 5
01/18/07 09:37:31 [Note]: 4007 5
01/18/07 09:37:31 [Error]: 4028 5
01/18/07 09:37:34 [Note]: 4000 5
01/18/07 09:37:34 [Note]: 4007 5
01/18/07 09:37:34 [Error]: 4028 5
01/18/07 09:37:38 [Note]: 4000 5
01/18/07 09:37:38 [Note]: 4007 5
01/18/07 09:37:38 [Error]: 4028 5
01/18/07 09:37:41 [Note]: 4000 5
01/18/07 09:37:41 [Note]: 4007 5
01/18/07 09:37:41 [Error]: 4028 5
01/18/07 09:37:45 [Note]: 4000 5
01/18/07 09:37:45 [Note]: 4007 5
01/18/07 09:37:45 [Error]: 4028 5
01/18/07 09:37:49 [Note]: 4000 5
01/18/07 09:37:49 [Note]: 4007 5
01/18/07 09:37:49 [Error]: 4028 5
01/18/07 09:37:52 [Note]: 4000 5
01/18/07 09:37:52 [Note]: 4007 5
01/18/07 09:37:52 [Error]: 4028 5
01/18/07 09:37:55 [Note]: 4000 5
01/18/07 09:37:55 [Note]: 4007 5
01/18/07 09:37:55 [Error]: 4028 5
01/18/07 09:37:59 [Note]: 4000 5
01/18/07 09:37:59 [Note]: 4007 5
01/18/07 09:37:59 [Error]: 4028 5
01/18/07 09:38:04 [Note]: 4000 5
01/18/07 09:38:04 [Note]: 4007 5
01/18/07 09:38:04 [Error]: 4028 5
01/18/07 09:38:08 [Note]: 4000 5
01/18/07 09:38:08 [Note]: 4007 5
01/18/07 09:38:08 [Error]: 4028 5
01/18/07 09:38:11 [Note]: 4000 5
01/18/07 09:38:11 [Note]: 4007 5
01/18/07 09:38:11 [Error]: 4028 5
01/18/07 09:38:15 [Note]: 4000 5
01/18/07 09:38:15 [Note]: 4007 5
01/18/07 09:38:15 [Error]: 4028 5
01/18/07 09:38:17 [Note]: 4000 5
01/18/07 09:38:17 [Note]: 4007 5
01/18/07 09:38:17 [Error]: 4028 5
01/18/07 09:38:19 [Note]: 4000 5
01/18/07 09:38:19 [Note]: 4007 5
01/18/07 09:38:19 [Error]: 4028 5
01/18/07 09:38:21 [Note]: 4000 5
01/18/07 09:38:21 [Note]: 4007 5
01/18/07 09:38:21 [Error]: 4028 5
01/18/07 09:38:23 [Note]: 4000 5
01/18/07 09:38:23 [Note]: 4007 5
01/18/07 09:38:23 [Error]: 4028 5
01/18/07 09:38:26 [Note]: 4000 5
01/18/07 09:38:26 [Note]: 4007 5
01/18/07 09:38:26 [Error]: 4028 5
01/18/07 09:38:28 [Note]: 4000 5
01/18/07 09:38:28 [Note]: 4007 5
01/18/07 09:38:28 [Error]: 4028 5
01/18/07 09:38:30 [Note]: 4000 5
01/18/07 09:38:30 [Note]: 4007 5
01/18/07 09:38:30 [Error]: 4028 5
01/18/07 09:38:32 [Note]: 4000 5
01/18/07 09:38:32 [Note]: 4007 5
01/18/07 09:38:32 [Error]: 4028 5
01/18/07 09:38:34 [Note]: 4000 5
01/18/07 09:38:34 [Note]: 4007 5
01/18/07 09:38:34 [Error]: 4028 5
01/18/07 09:38:37 [Note]: 4000 5
01/18/07 09:38:37 [Note]: 4007 5
01/18/07 09:38:37 [Error]: 4028 5
01/18/07 09:38:40 [Note]: 4000 5
01/18/07 09:38:40 [Note]: 4007 5
01/18/07 09:38:40 [Error]: 4028 5
01/18/07 09:38:44 [Note]: 4000 5
01/18/07 09:38:44 [Note]: 4007 5
01/18/07 09:38:44 [Error]: 4028 5
01/18/07 09:38:47 [Note]: 4000 5
01/18/07 09:38:47 [Note]: 4007 5
01/18/07 09:38:47 [Error]: 4028 5
01/18/07 09:38:51 [Note]: 4000 5
01/18/07 09:38:51 [Note]: 4007 5
01/18/07 09:38:51 [Error]: 4028 5
01/18/07 09:38:55 [Note]: 4000 5
01/18/07 09:38:55 [Note]: 4007 5
01/18/07 09:38:55 [Error]: 4028 5
01/18/07 09:38:58 [Note]: 4000 5
01/18/07 09:38:58 [Note]: 4007 5
01/18/07 09:38:58 [Error]: 4028 5
01/18/07 09:39:02 [Note]: 4000 5
01/18/07 09:39:02 [Note]: 4007 5
01/18/07 09:39:02 [Error]: 4028 5
01/18/07 09:39:05 [Note]: 4000 5
01/18/07 09:39:05 [Note]: 4007 5
01/18/07 09:39:05 [Error]: 4028 5
01/18/07 09:39:09 [Note]: 4000 5
01/18/07 09:39:09 [Note]: 4007 5
01/18/07 09:39:09 [Error]: 4028 5
01/18/07 09:39:12 [Note]: 4000 5
01/18/07 09:39:12 [Note]: 4007 5
01/18/07 09:39:12 [Error]: 4028 5
01/18/07 09:39:16 [Note]: 4000 5
01/18/07 09:39:16 [Note]: 4007 5
01/18/07 09:39:16 [Error]: 4028 5
01/18/07 09:39:17 [Note]: 4000 5
01/18/07 09:39:17 [Note]: 4007 5
01/18/07 09:39:17 [Error]: 4028 5
01/18/07 09:39:19 [Note]: 4000 5
01/18/07 09:39:19 [Note]: 4007 5
01/18/07 09:39:19 [Error]: 4028 5
01/18/07 09:39:20 [Note]: 4000 5
01/18/07 09:39:20 [Note]: 4007 5
01/18/07 09:39:20 [Error]: 4028 5
01/18/07 09:39:23 [Note]: 4000 5
01/18/07 09:39:23 [Note]: 4007 5
01/18/07 09:39:23 [Error]: 4028 5
01/18/07 09:39:27 [Note]: 4000 5
01/18/07 09:39:27 [Note]: 4007 5
01/18/07 09:39:27 [Error]: 4028 5
01/18/07 09:39:30 [Note]: 4000 5
01/18/07 09:39:30 [Note]: 4007 5
01/18/07 09:39:30 [Error]: 4028 5
01/18/07 09:39:33 [Note]: 4000 5
01/18/07 09:39:33 [Note]: 4007 5
01/18/07 09:39:33 [Error]: 4028 5
01/18/07 09:39:36 [Note]: 4000 5
01/18/07 09:39:36 [Note]: 4007 5
01/18/07 09:39:36 [Error]: 4028 5
01/18/07 09:39:39 [Note]: 4000 5
01/18/07 09:39:39 [Note]: 4007 5
01/18/07 09:39:39 [Error]: 4028 5
01/18/07 09:39:41 [Note]: 4000 5
01/18/07 09:39:41 [Note]: 4007 5
01/18/07 09:39:41 [Error]: 4028 5
01/18/07 09:39:43 [Note]: 4000 5
01/18/07 09:39:43 [Note]: 4007 5
01/18/07 09:39:43 [Error]: 4028 5
01/18/07 09:39:45 [Note]: 4000 5
01/18/07 09:39:45 [Note]: 4007 5
01/18/07 09:39:45 [Error]: 4028 5
01/18/07 09:39:47 [Note]: 4000 5
01/18/07 09:39:47 [Note]: 4007 5
01/18/07 09:39:47 [Error]: 4028 5
01/18/07 09:39:49 [Note]: 4000 5
01/18/07 09:39:49 [Note]: 4007 5
01/18/07 09:39:49 [Error]: 4028 5
01/18/07 09:39:53 [Note]: 4000 5
01/18/07 09:39:53 [Note]: 4007 5
01/18/07 09:39:53 [Error]: 4028 5
01/18/07 09:39:54 [Note]: 4000 5
01/18/07 09:39:54 [Note]: 4007 5
01/18/07 09:39:54 [Error]: 4028 5
01/18/07 09:39:56 [Note]: 4000 5
01/18/07 09:39:56 [Note]: 4007 5
01/18/07 09:39:56 [Error]: 4028 5
01/18/07 09:39:58 [Note]: 4000 5
01/18/07 09:39:58 [Note]: 4007 5
01/18/07 09:39:58 [Error]: 4028 5
01/18/07 09:40:00 [Note]: 4000 5
01/18/07 09:40:00 [Note]: 4007 5
01/18/07 09:40:00 [Error]: 4028 5
01/18/07 09:40:01 [Note]: 4000 5
01/18/07 09:40:01 [Note]: 4007 5
01/18/07 09:40:01 [Error]: 4028 5
01/18/07 09:40:03 [Note]: 4000 5
01/18/07 09:40:03 [Note]: 4007 5
01/18/07 09:40:03 [Error]: 4028 5
01/18/07 09:40:06 [Note]: 4000 5
01/18/07 09:40:06 [Note]: 4007 5
01/18/07 09:40:06 [Error]: 4028 5
01/18/07 09:40:09 [Note]: 4000 5
01/18/07 09:40:09 [Note]: 4007 5
01/18/07 09:40:09 [Error]: 4028 5
01/18/07 09:40:12 [Note]: 4000 5
01/18/07 09:40:12 [Note]: 4007 5
01/18/07 09:40:12 [Error]: 4028 5
01/18/07 09:40:15 [Note]: 4000 5
01/18/07 09:40:15 [Note]: 4007 5
01/18/07 09:40:15 [Error]: 4028 5
01/18/07 09:40:19 [Note]: 4000 5
01/18/07 09:40:19 [Note]: 4007 5
01/18/07 09:40:19 [Error]: 4028 5
01/18/07 09:40:22 [Note]: 4000 5
01/18/07 09:40:22 [Note]: 4007 5
01/18/07 09:40:22 [Error]: 4028 5
01/18/07 09:40:26 [Note]: 4000 5
01/18/07 09:40:26 [Note]: 4007 5
01/18/07 09:40:26 [Error]: 4028 5
01/18/07 09:40:29 [Note]: 4000 5
01/18/07 09:40:29 [Note]: 4007 5
01/18/07 09:40:29 [Error]: 4028 5
01/18/07 09:40:34 [Note]: 4000 5
01/18/07 09:40:34 [Note]: 4007 5
01/18/07 09:40:34 [Error]: 4028 5
01/18/07 09:40:38 [Note]: 4000 5
01/18/07 09:40:38 [Note]: 4007 5
01/18/07 09:40:38 [Error]: 4028 5
01/18/07 09:40:42 [Note]: 4000 5
01/18/07 09:40:42 [Note]: 4007 5
01/18/07 09:40:42 [Error]: 4028 5
01/18/07 09:40:44 [Note]: 4000 5
01/18/07 09:40:44 [Note]: 4007 5
01/18/07 09:40:44 [Error]: 4028 5
01/18/07 09:40:46 [Note]: 4000 5
01/18/07 09:40:46 [Note]: 4007 5
01/18/07 09:40:46 [Error]: 4028 5
01/18/07 09:40:50 [Note]: 4000 5
01/18/07 09:40:50 [Note]: 4007 5
01/18/07 09:40:50 [Error]: 4028 5
01/18/07 09:40:53 [Note]: 4000 5
01/18/07 09:40:53 [Note]: 4007 5
01/18/07 09:40:53 [Error]: 4028 5
01/18/07 09:40:56 [Note]: 4000 5
01/18/07 09:40:56 [Note]: 4007 5
01/18/07 09:40:56 [Error]: 4028 5
01/18/07 09:41:00 [Note]: 4000 5
01/18/07 09:41:00 [Note]: 4007 5
01/18/07 09:41:00 [Error]: 4028 5
01/18/07 09:41:01 [Note]: 4000 5
01/18/07 09:41:01 [Note]: 4007 5
01/18/07 09:41:01 [Error]: 4028 5
01/18/07 09:41:03 [Note]: 4000 5
01/18/07 09:41:03 [Note]: 4007 5
01/18/07 09:41:03 [Error]: 4028 5
01/18/07 09:41:03 [Note]: 4000 5
01/18/07 09:41:03 [Note]: 4007 5
01/18/07 09:41:03 [Error]: 4028 5
01/18/07 09:41:04 [Note]: 4000 5
01/18/07 09:41:04 [Note]: 4007 5
01/18/07 09:41:04 [Error]: 4028 5
01/18/07 09:41:04 [Note]: 4000 5
01/18/07 09:41:04 [Note]: 4007 5
01/18/07 09:41:04 [Error]: 4028 5
01/18/07 09:41:05 [Note]: 4000 5
01/18/07 09:41:05 [Note]: 4007 5
01/18/07 09:41:05 [Error]: 4028 5
01/18/07 09:41:06 [Note]: 4000 5
01/18/07 09:41:06 [Note]: 4007 5
01/18/07 09:41:06 [Error]: 4028 5
01/18/07 09:41:09 [Note]: 4000 5
01/18/07 09:41:09 [Note]: 4007 5
01/18/07 09:41:09 [Error]: 4028 5
01/18/07 09:41:11 [Note]: 4000 5
01/18/07 09:41:11 [Note]: 4007 5
01/18/07 09:41:11 [Error]: 4028 5
01/18/07 09:41:12 [Note]: 4000 5
01/18/07 09:41:12 [Note]: 4007 5
01/18/07 09:41:12 [Error]: 4028 5
01/18/07 09:41:13 [Note]: 4000 5
01/18/07 09:41:13 [Note]: 4007 5
01/18/07 09:41:13 [Error]: 4028 5
01/18/07 09:41:15 [Note]: 4000 5
01/18/07 09:41:15 [Note]: 4007 5
01/18/07 09:41:15 [Error]: 4028 5
01/18/07 09:41:19 [Note]: 4000 5
01/18/07 09:41:19 [Note]: 4007 5
01/18/07 09:41:19 [Error]: 4028 5
01/18/07 09:41:21 [Note]: 4000 5
01/18/07 09:41:21 [Note]: 4007 5
01/18/07 09:41:21 [Error]: 4028 5
01/18/07 09:41:30 [Note]: 4000 5
01/18/07 09:41:30 [Note]: 4007 5
01/18/07 09:41:30 [Error]: 4028 5
01/18/07 09:41:33 [Note]: 4000 5
01/18/07 09:41:33 [Note]: 4007 5
01/18/07 09:41:33 [Error]: 4028 5
01/18/07 09:41:37 [Note]: 4000 5
01/18/07 09:41:37 [Note]: 4007 5
01/18/07 09:41:37 [Error]: 4028 5
01/18/07 09:41:40 [Note]: 4000 5
01/18/07 09:41:40 [Note]: 4007 5
01/18/07 09:41:40 [Error]: 4028 5
01/18/07 09:41:44 [Note]: 4000 5
01/18/07 09:41:44 [Note]: 4007 5
01/18/07 09:41:44 [Error]: 4028 5
01/18/07 09:41:46 [Note]: 4000 5
01/18/07 09:41:46 [Note]: 4007 5
01/18/07 09:41:46 [Error]: 4028 5
01/18/07 09:42:04 [Note]: 4000 5
01/18/07 09:42:04 [Note]: 4007 5
01/18/07 09:42:04 [Error]: 4028 5
01/18/07 09:42:08 [Note]: 4000 5
01/18/07 09:42:08 [Note]: 4007 5
01/18/07 09:42:08 [Error]: 4028 5
01/18/07 09:42:12 [Note]: 4000 5
01/18/07 09:42:12 [Note]: 4007 5
01/18/07 09:42:12 [Error]: 4028 5
01/18/07 09:42:16 [Note]: 4000 5
01/18/07 09:42:16 [Note]: 4007 5
01/18/07 09:42:16 [Error]: 4028 5
01/18/07 09:42:22 [Note]: 4000 5
01/18/07 09:42:22 [Note]: 4007 5
01/18/07 09:42:22 [Error]: 4028 5
01/18/07 09:42:32 [Note]: 4000 5
01/18/07 09:42:32 [Note]: 4007 5
01/18/07 09:42:32 [Error]: 4028 5
01/18/07 09:42:47 [Note]: 4000 5
01/18/07 09:42:47 [Note]: 4007 5
01/18/07 09:42:47 [Error]: 4028 5
01/18/07 09:43:02 [Note]: 4000 5
01/18/07 09:43:02 [Note]: 4007 5
01/18/07 09:43:02 [Error]: 4028 5
01/18/07 09:43:11 [Note]: 4000 5
01/18/07 09:43:11 [Note]: 4007 5
01/18/07 09:43:11 [Error]: 4028 5
01/18/07 09:43:20 [Note]: 4000 5
01/18/07 09:43:20 [Note]: 4007 5
01/18/07 09:43:20 [Error]: 4028 5
01/18/07 09:43:29 [Note]: 4000 5
01/18/07 09:43:29 [Note]: 4007 5
01/18/07 09:43:29 [Error]: 4028 5
01/18/07 09:43:33 [Note]: 4000 5
01/18/07 09:43:33 [Note]: 4007 5
01/18/07 09:43:33 [Error]: 4028 5
01/18/07 09:43:39 [Note]: 4000 5
01/18/07 09:43:39 [Note]: 4007 5
01/18/07 09:43:39 [Error]: 4028 5
01/18/07 09:43:55 [Note]: 4000 5
01/18/07 09:43:55 [Note]: 4007 5
01/18/07 09:43:55 [Error]: 4028 5
01/18/07 09:44:11 [Note]: 4000 5
01/18/07 09:44:11 [Note]: 4007 5
01/18/07 09:44:11 [Error]: 4028 5
01/18/07 09:44:23 [Note]: 4000 5
01/18/07 09:44:23 [Note]: 4007 5
01/18/07 09:44:23 [Error]: 4028 5
01/18/07 09:44:35 [Note]: 4000 5
01/18/07 09:44:35 [Note]: 4007 5
01/18/07 09:44:35 [Error]: 4028 5
01/18/07 09:44:38 [Note]: 4000 5
01/18/07 09:44:38 [Note]: 4007 5
01/18/07 09:44:38 [Error]: 4028 5
01/18/07 12:15:53 [Note]: 7007 0

Trogan

18 Jan 2007, 12:19pm

Log does look weird. Please try running it again. Make sure you have everything closed first.

billthompson

18 Jan 2007, 1:00pm

Hi Trog,

Ok...this looks better...thanks again,

Bill

"mememe" - 07-01-18 13:00:16 Service Pack 1
ComboFix 07-01-16.2 - Running from: "C:\Documents and Settings\mememe\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-12-18 to 2007-01-18 ))))))))))))))))))))))))))))))))))

2007-01-18 01:45 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-01-18 01:45 <DIR> d-------- C:\WINDOWS\LastGood
2007-01-17 04:54 520,192 --a------ C:\WINDOWS\system32\CddbPlaylist2Sony.dll
2007-01-17 01:50 27,255 --------- C:\WINDOWS\system32\drivers\NWWMUSB.sys
2007-01-17 01:49 11,510 --------- C:\WINDOWS\system32\drivers\VMCUSB.sys
2007-01-17 01:49 <DIR> d-------- C:\Program Files\Sony Corporation
2007-01-17 01:47 36,679 --------- C:\WINDOWS\system32\drivers\NETMD052.sys
2007-01-14 12:04 <DIR> d-------- C:\Program Files\Windows Live Safety Center
2007-01-14 01:37 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Application Data\Lavasoft
2007-01-14 00:06 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Application Data\AVG7
2007-01-13 22:13 <DIR> d-------- C:\Program Files\Trend Micro
2007-01-13 21:34 <DIR> d-------- C:\divx
2007-01-12 09:52 79,360 --a------ C:\WINDOWS\system32\swxcacls.exe
2007-01-12 09:52 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-01-12 09:52 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-01-12 09:52 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2007-01-12 09:52 4,002 --a------ C:\WINDOWS\system32\tmp.reg
2007-01-12 09:52 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-01-12 09:52 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2007-01-12 09:41 <DIR> d-------- C:\spyware tools
2007-01-12 09:41 <DIR> d-------- C:\Program Files\SpywareBlaster
2007-01-10 11:12 <DIR> d-------- C:\SDFix
2007-01-08 00:22 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-01-07 20:39 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-01-05 19:24 <DIR> d-------- C:\Program Files\Microsoft Bootvis
2007-01-05 19:01 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2007-01-05 18:58 <DIR> d-------- C:\Program Files\Seagate
2007-01-02 14:51 <DIR> d-------- C:\Program Files\virtualdub
2007-01-02 14:31 <DIR> d-------- C:\Program Files\plugins
2007-01-02 14:31 <DIR> d-------- C:\Program Files\aviproxy
2007-01-02 14:30 31,254 --a------ C:\WINDOWS\system32\xvid-uninstall.exe
2007-01-02 14:23 31,232 --a------ C:\WINDOWS\system\vdremote.dll
2007-01-02 14:23 25,088 --a------ C:\WINDOWS\system\vdsvrlnk.dll
2006-12-24 20:49 86,016 --a------ C:\WINDOWS\system32\OpenAL32.dll
2006-12-24 20:49 262,144 --a------ C:\WINDOWS\system32\wrap_oal.dll

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-01-18 12:18 -------- d-------- C:\Program Files\mozilla firefox
2007-01-17 17:29 -------- d-------- C:\Program Files\google
2007-01-17 17:28 -------- d-------- C:\Program Files\Common Files\adobe
2007-01-17 17:24 -------- d-------- C:\Program Files\juice
2007-01-17 17:24 -------- d-------- C:\DOCUME~1\mememe\Application Data\mailwasher
2007-01-17 04:49 -------- d-------- C:\Program Files\sony
2007-01-17 04:48 -------- d--h----- C:\Program Files\installshield installation information
2007-01-17 01:52 -------- d-------- C:\Program Files\Common Files\sony shared
2007-01-16 15:28 -------- d-------- C:\DOCUME~1\mememe\Application Data\skype
2007-01-13 21:11 -------- d-------- C:\DOCUME~1\mememe\Application Data\adobe
2007-01-13 21:01 -------- d-------- C:\Program Files\soulseek
2007-01-13 20:03 -------- d-------- C:\Program Files\yahoo!
2007-01-13 20:03 -------- d-------- C:\Program Files\coolpro2
2007-01-08 03:13 -------- d-------- C:\Program Files\quicktime
2007-01-08 02:40 -------- d-------- C:\Program Files\m-audio uno
2007-01-08 02:39 -------- d-------- C:\Program Files\ltmoh
2007-01-08 02:33 -------- d-------- C:\Program Files\izarc
2007-01-07 20:39 -------- d-------- C:\Program Files\grisoft
2007-01-03 22:43 -------- d-ah----- C:\Program Files\windowsupdate
2007-01-03 22:43 -------- d-------- C:\DOCUME~1\mememe\Application Data\pace anti-piracy
2006-12-17 15:15 -------- d-------- C:\DOCUME~1\mememe\Application Data\sonic foundry
2006-12-17 15:10 -------- d-------- C:\Program Files\sonic foundry
2006-12-17 15:06 -------- d-------- C:\Program Files\sonic foundry setup
2006-12-16 16:07 133632 --a------ C:\WINDOWS\system32\spoonuninstall.exe
2006-12-16 16:04 -------- d-------- C:\Program Files\bingo rm to mp3 wave converter
2006-12-04 23:25 -------- d-------- C:\Program Files\skype
2006-12-02 13:23 -------- d-------- C:\DOCUME~1\mememe\Application Data\opera
2006-11-27 22:30 -------- d-------- C:\DOCUME~1\mememe\Application Data\avg7
2006-11-25 21:38 -------- d-------- C:\Program Files\evolver soundeditor
2006-11-22 10:23 816672 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2006-11-22 10:23 4224 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2006-11-22 10:22 4960 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys
2006-11-22 10:22 3968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys
2006-11-22 10:22 28416 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2006-11-22 10:22 18240 --a------ C:\WINDOWS\system32\drivers\avgmfx86.sys
2006-11-20 05:15 -------- d-------- C:\DOCUME~1\mememe\Application Data\publish providers
2006-11-19 01:36 -------- d-------- C:\DOCUME~1\mememe\Application Data\divx
2006-10-30 17:09 45344 --a------ C:\DOCUME~1\mememe\Application Data\gdipfontcachev1.dat
2006-10-29 15:03 8704 --ahs---- C:\Program Files\thumbs.db
2006-10-26 21:02 4608 --a------ C:\WINDOWS\system32\w95inf32.dll
2006-10-26 21:02 2272 --a------ C:\WINDOWS\system32\w95inf16.dll
2006-10-07 15:53 453000 --a------ C:\Program Files\evolverexe330.zip

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Tpwrtray"="TPWRTRAY.EXE"
"TDispVol"="TDispVol.exe"
"TMESBS.EXE"="C:\\Program Files\\TOSHIBA\\TME3\\TMESBS32.EXE /Client"
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"Pinger"="c:\\toshiba\\ivp\\ism\\pinger.exe /run"
"cPadAlarm"="C:\\Program Files\\Synaptics\\SynTP\\cPad\\AlarmWatcher.exe"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"00THotkey"="C:\\WINDOWS\\System32\\00THotkey.exe"
"000StTHK"="000StTHK.exe"
"nwiz"="nwiz.exe /installquiet"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~3.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^M-Audio Ozone Control Panel Launcher.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\M-Audio Ozone Control Panel Launcher.lnk"
"backup"="C:\\WINDOWS\\pss\\M-Audio Ozone Control Panel Launcher.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\M-AUDI~2\\OZTask.exe "
"item"="M-Audio Ozone Control Panel Launcher"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Microsoft Office.lnk"
"backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\MICROS~3\\Office10\\OSA.EXE -b -l"
"item"="Microsoft Office"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Trend Micro Anti-Spyware.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Trend Micro Anti-Spyware.lnk"
"backup"="C:\\WINDOWS\\pss\\Trend Micro Anti-Spyware.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\TRENDM~1\\Tmas\\Tmas.exe -autostart"
"item"="Trend Micro Anti-Spyware"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^mememe^Start Menu^Programs^Startup^Adobe Gamma.lnk]
"path"="C:\\Documents and Settings\\mememe\\Start Menu\\Programs\\Startup\\Adobe Gamma.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Gamma.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
"item"="Adobe Gamma"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeVersionCue]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VersionCueTray"
"hkey"="HKLM"
"command"="C:\\Program Files\\Adobe\\Adobe Version Cue\\ControlPanel\\VersionCueTray.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Ltmoh"
"hkey"="HKLM"
"command"="C:\\Program Files\\ltmoh\\Ltmoh.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M-Audio Taskbar Icon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="M-AudioTaskBarIcon"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\System32\\M-AudioTaskBarIcon.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nwiz"
"hkey"="HKLM"
"command"="nwiz.exe /installquiet"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGSHAVE]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="REGSHAVE"
"hkey"="HKLM"
"command"="C:\\Program Files\\REGSHAVE\\REGSHAVE.EXE /AUTORUN"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDVDServ"
"hkey"="HKLM"
"command"="C:\\Program Files\\Roxio\\Roxio DVDMax Player\\PDVDServ.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DrgToDsc"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Roxio\\Easy Media Creator 7\\Drag to Disc\\DrgToDsc.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="swdoctor"
"hkey"="HKCU"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SsAAD"
"hkey"="HKCU"
"command"="C:\\PROGRA~1\\Sony\\SONICS~1\\SsAAD.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleToolbarNotifier"
"hkey"="HKCU"
"command"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TcmTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TFncKy]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TFncKy"
"hkey"="HKLM"
"command"="TFncKy.exe /Type 03"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TFNF5]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TFNF5"
"hkey"="HKLM"
"command"="TFNF5.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosHKCW.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TosHKCW"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\TOSHIBA\\Wireless Hotkey\\TosHKCW.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TouchED]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TouchED"
"hkey"="HKLM"
"command"="C:\\Program Files\\TOSHIBA\\TouchED\\TouchED.Exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AdobeVersionCue"=dword:00000003
"UnoInstallerService"=dword:00000002
"OzoneInstallerService"=dword:00000002
"NetMDSB"=dword:00000002
"SSScsiSV"=dword:00000003
"SPTISRV"=dword:00000003
"QYRENOHHFY"=dword:00000003
"PACSPTISVR"=dword:00000003
"MSCSPTISRV"=dword:00000003
"MJEXPBJ"=dword:00000003
"ERHCRDI"=dword:00000003
"Adobe LM Service"=dword:00000003

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
"{03A80B1D-5C6A-42c2-9DFB-81B6005D8023}"="Trend Micro Anti-Spyware Shell Extension"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{23775220-4971-11da-a54f-00022d84329a}]
shell\play\command "C:\Program Files\Windows Media Player\wmplayer.exe" /prefetch:4 /device:DVD "%L"
shell\play\command Files\InterVideo\WinDVD4\WinDVD.exe

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Registration reminder 1.job
C:\WINDOWS\tasks\Registration reminder 2.job
C:\WINDOWS\tasks\Registration reminder 3.job

Completion time: 07-01-18 13:06:41
C:\ComboFix2.txt ... 07-01-18 08:45

Trogan

18 Jan 2007, 1:09pm

Wrong log. I thought you were going to rescan with Blacklight.

billthompson

18 Jan 2007, 1:16pm

doh! sorry, will run it again and get back...ahhhhh.

b.

billthompson

18 Jan 2007, 2:13pm

Hi Trog,

Same weird kind of report...am I doing something wrong? Nothing else is open.

01/18/07 13:24:47 [Info]: BlackLight Engine 1.0.55 initialized
01/18/07 13:24:47 [Info]: OS: 5.1 build 2600 (Service Pack 1)
01/18/07 13:24:49 [Note]: 7019 4
01/18/07 13:24:49 [Note]: 7005 0
01/18/07 13:24:58 [Note]: 7006 0
01/18/07 13:24:58 [Note]: 7011 1348
01/18/07 13:24:58 [Note]: 7026 0
01/18/07 13:24:58 [Note]: 7026 0
01/18/07 13:25:08 [Note]: FSRAW library version 1.7.1021
01/18/07 13:25:09 [Note]: 4000 5
01/18/07 13:25:09 [Note]: 4007 5
01/18/07 13:25:09 [Error]: 4028 5
01/18/07 13:25:10 [Note]: 4000 5
01/18/07 13:25:10 [Note]: 4007 5
01/18/07 13:25:10 [Error]: 4028 5
01/18/07 13:25:11 [Note]: 4000 5
01/18/07 13:25:11 [Note]: 4007 5
01/18/07 13:25:11 [Error]: 4028 5
01/18/07 13:25:11 [Note]: 4000 5
01/18/07 13:25:11 [Note]: 4007 5
01/18/07 13:25:11 [Error]: 4028 5
01/18/07 13:25:12 [Note]: 4000 5
01/18/07 13:25:12 [Note]: 4007 5
01/18/07 13:25:12 [Error]: 4028 5
01/18/07 13:25:12 [Note]: 4000 5
01/18/07 13:25:12 [Note]: 4007 5
01/18/07 13:25:12 [Error]: 4028 5
01/18/07 13:25:13 [Note]: 4000 5
01/18/07 13:25:13 [Note]: 4007 5
01/18/07 13:25:13 [Error]: 4028 5
01/18/07 13:25:13 [Note]: 4000 5
01/18/07 13:25:13 [Note]: 4007 5
01/18/07 13:25:13 [Error]: 4028 5
01/18/07 13:25:13 [Note]: 4000 5
01/18/07 13:25:13 [Note]: 4007 5
01/18/07 13:25:13 [Error]: 4028 5
01/18/07 13:25:14 [Note]: 4000 5
01/18/07 13:25:14 [Note]: 4007 5
01/18/07 13:25:14 [Error]: 4028 5
01/18/07 13:25:14 [Note]: 4000 5
01/18/07 13:25:14 [Note]: 4007 5
01/18/07 13:25:14 [Error]: 4028 5
01/18/07 13:25:15 [Note]: 4000 5
01/18/07 13:25:15 [Note]: 4007 5
01/18/07 13:25:15 [Error]: 4028 5
01/18/07 13:25:15 [Note]: 4000 5
01/18/07 13:25:15 [Note]: 4007 5
01/18/07 13:25:15 [Error]: 4028 5
01/18/07 13:25:16 [Note]: 4000 5
01/18/07 13:25:16 [Note]: 4007 5
01/18/07 13:25:16 [Error]: 4028 5
01/18/07 13:25:16 [Note]: 4000 5
01/18/07 13:25:16 [Note]: 4007 5
01/18/07 13:25:16 [Error]: 4028 5
01/18/07 13:25:16 [Note]: 4000 5
01/18/07 13:25:16 [Note]: 4007 5
01/18/07 13:25:17 [Error]: 4028 5
01/18/07 13:25:19 [Note]: 4000 5
01/18/07 13:25:19 [Note]: 4007 5
01/18/07 13:25:19 [Error]: 4028 5
01/18/07 13:25:20 [Note]: 4000 5
01/18/07 13:25:20 [Note]: 4007 5
01/18/07 13:25:20 [Error]: 4028 5
01/18/07 13:25:22 [Note]: 4000 5
01/18/07 13:25:22 [Note]: 4007 5
01/18/07 13:25:22 [Error]: 4028 5
01/18/07 13:25:24 [Note]: 4000 5
01/18/07 13:25:24 [Note]: 4007 5
01/18/07 13:25:24 [Error]: 4028 5
01/18/07 13:25:25 [Note]: 4000 5
01/18/07 13:25:25 [Note]: 4007 5
01/18/07 13:25:25 [Error]: 4028 5
01/18/07 13:25:27 [Note]: 4000 5
01/18/07 13:25:27 [Note]: 4007 5
01/18/07 13:25:27 [Error]: 4028 5
01/18/07 13:25:28 [Note]: 4000 5
01/18/07 13:25:28 [Note]: 4007 5
01/18/07 13:25:28 [Error]: 4028 5
01/18/07 13:25:30 [Note]: 4000 5
01/18/07 13:25:30 [Note]: 4007 5
01/18/07 13:25:30 [Error]: 4028 5
01/18/07 13:25:31 [Note]: 4000 5
01/18/07 13:25:31 [Note]: 4007 5
01/18/07 13:25:31 [Error]: 4028 5
01/18/07 13:25:32 [Note]: 4000 5
01/18/07 13:25:33 [Note]: 4007 5
01/18/07 13:25:33 [Error]: 4028 5
01/18/07 13:25:34 [Note]: 4000 5
01/18/07 13:25:34 [Note]: 4007 5
01/18/07 13:25:34 [Error]: 4028 5
01/18/07 13:25:35 [Note]: 4000 5
01/18/07 13:25:35 [Note]: 4007 5
01/18/07 13:25:35 [Error]: 4028 5
01/18/07 13:25:38 [Note]: 4000 5
01/18/07 13:25:38 [Note]: 4007 5
01/18/07 13:25:38 [Error]: 4028 5
01/18/07 13:25:39 [Note]: 4000 5
01/18/07 13:25:39 [Note]: 4007 5
01/18/07 13:25:39 [Error]: 4028 5
01/18/07 13:25:40 [Note]: 4000 5
01/18/07 13:25:40 [Note]: 4007 5
01/18/07 13:25:40 [Error]: 4028 5
01/18/07 13:25:41 [Note]: 4000 5
01/18/07 13:25:41 [Note]: 4007 5
01/18/07 13:25:41 [Error]: 4028 5
01/18/07 13:25:43 [Note]: 4000 5
01/18/07 13:25:43 [Note]: 4007 5
01/18/07 13:25:43 [Error]: 4028 5
01/18/07 13:25:44 [Note]: 4000 5
01/18/07 13:25:44 [Note]: 4007 5
01/18/07 13:25:44 [Error]: 4028 5
01/18/07 13:25:45 [Note]: 4000 5
01/18/07 13:25:45 [Note]: 4007 5
01/18/07 13:25:45 [Error]: 4028 5
01/18/07 13:25:47 [Note]: 4000 5
01/18/07 13:25:47 [Note]: 4007 5
01/18/07 13:25:47 [Error]: 4028 5
01/18/07 13:25:48 [Note]: 4000 5
01/18/07 13:25:48 [Note]: 4007 5
01/18/07 13:25:48 [Error]: 4028 5
01/18/07 13:25:49 [Note]: 4000 5
01/18/07 13:25:50 [Note]: 4007 5
01/18/07 13:25:50 [Error]: 4028 5
01/18/07 13:25:51 [Note]: 4000 5
01/18/07 13:25:51 [Note]: 4007 5
01/18/07 13:25:51 [Error]: 4028 5
01/18/07 13:25:53 [Note]: 4000 5
01/18/07 13:25:53 [Note]: 4007 5
01/18/07 13:25:53 [Error]: 4028 5
01/18/07 13:25:55 [Note]: 4000 5
01/18/07 13:25:55 [Note]: 4007 5
01/18/07 13:25:55 [Error]: 4028 5
01/18/07 13:25:56 [Note]: 4000 5
01/18/07 13:25:56 [Note]: 4007 5
01/18/07 13:25:56 [Error]: 4028 5
01/18/07 13:25:58 [Note]: 4000 5
01/18/07 13:25:58 [Note]: 4007 5
01/18/07 13:25:58 [Error]: 4028 5
01/18/07 13:25:59 [Note]: 4000 5
01/18/07 13:25:59 [Note]: 4007 5
01/18/07 13:25:59 [Error]: 4028 5
01/18/07 13:26:01 [Note]: 4000 5
01/18/07 13:26:01 [Note]: 4007 5
01/18/07 13:26:01 [Error]: 4028 5
01/18/07 13:26:03 [Note]: 4000 5
01/18/07 13:26:03 [Note]: 4007 5
01/18/07 13:26:03 [Error]: 4028 5
01/18/07 13:26:04 [Note]: 4000 5
01/18/07 13:26:04 [Note]: 4007 5
01/18/07 13:26:04 [Error]: 4028 5
01/18/07 13:26:06 [Note]: 4000 5
01/18/07 13:26:07 [Note]: 4007 5
01/18/07 13:26:07 [Error]: 4028 5
01/18/07 13:26:09 [Note]: 4000 5
01/18/07 13:26:09 [Note]: 4007 5
01/18/07 13:26:09 [Error]: 4028 5
01/18/07 13:26:11 [Note]: 4000 5
01/18/07 13:26:11 [Note]: 4007 5
01/18/07 13:26:11 [Error]: 4028 5
01/18/07 13:26:12 [Note]: 4000 5
01/18/07 13:26:12 [Note]: 4007 5
01/18/07 13:26:12 [Error]: 4028 5
01/18/07 13:26:14 [Note]: 4000 5
01/18/07 13:26:14 [Note]: 4007 5
01/18/07 13:26:14 [Error]: 4028 5
01/18/07 13:26:15 [Note]: 4000 5
01/18/07 13:26:15 [Note]: 4007 5
01/18/07 13:26:15 [Error]: 4028 5
01/18/07 13:26:16 [Note]: 4000 5
01/18/07 13:26:16 [Note]: 4007 5
01/18/07 13:26:16 [Error]: 4028 5
01/18/07 13:26:18 [Note]: 4000 5
01/18/07 13:26:18 [Note]: 4007 5
01/18/07 13:26:18 [Error]: 4028 5
01/18/07 13:26:19 [Note]: 4000 5
01/18/07 13:26:19 [Note]: 4007 5
01/18/07 13:26:19 [Error]: 4028 5
01/18/07 13:26:21 [Note]: 4000 5
01/18/07 13:26:21 [Note]: 4007 5
01/18/07 13:26:21 [Error]: 4028 5
01/18/07 13:26:22 [Note]: 4000 5
01/18/07 13:26:22 [Note]: 4007 5
01/18/07 13:26:22 [Error]: 4028 5
01/18/07 13:26:23 [Note]: 4000 5
01/18/07 13:26:24 [Note]: 4007 5
01/18/07 13:26:24 [Error]: 4028 5
01/18/07 13:26:25 [Note]: 4000 5
01/18/07 13:26:25 [Note]: 4007 5
01/18/07 13:26:25 [Error]: 4028 5
01/18/07 13:26:26 [Note]: 4000 5
01/18/07 13:26:27 [Note]: 4007 5
01/18/07 13:26:27 [Error]: 4028 5
01/18/07 13:26:28 [Note]: 4000 5
01/18/07 13:26:28 [Note]: 4007 5
01/18/07 13:26:28 [Error]: 4028 5
01/18/07 13:26:29 [Note]: 4000 5
01/18/07 13:26:29 [Note]: 4007 5
01/18/07 13:26:29 [Error]: 4028 5
01/18/07 13:26:31 [Note]: 4000 5
01/18/07 13:26:31 [Note]: 4007 5
01/18/07 13:26:31 [Error]: 4028 5
01/18/07 13:26:32 [Note]: 4000 5
01/18/07 13:26:32 [Note]: 4007 5
01/18/07 13:26:32 [Error]: 4028 5
01/18/07 13:26:34 [Note]: 4000 5
01/18/07 13:26:34 [Note]: 4007 5
01/18/07 13:26:34 [Error]: 4028 5
01/18/07 13:26:35 [Note]: 4000 5
01/18/07 13:26:35 [Note]: 4007 5
01/18/07 13:26:35 [Error]: 4028 5
01/18/07 13:26:39 [Note]: 4000 5
01/18/07 13:26:39 [Note]: 4007 5
01/18/07 13:26:39 [Error]: 4028 5
01/18/07 13:26:42 [Note]: 4000 5
01/18/07 13:26:42 [Note]: 4007 5
01/18/07 13:26:42 [Error]: 4028 5
01/18/07 13:26:45 [Note]: 4000 5
01/18/07 13:26:45 [Note]: 4007 5
01/18/07 13:26:45 [Error]: 4028 5
01/18/07 13:26:48 [Note]: 4000 5
01/18/07 13:26:48 [Note]: 4007 5
01/18/07 13:26:48 [Error]: 4028 5
01/18/07 13:26:51 [Note]: 4000 5
01/18/07 13:26:52 [Note]: 4007 5
01/18/07 13:26:52 [Error]: 4028 5
01/18/07 13:26:55 [Note]: 4000 5
01/18/07 13:26:55 [Note]: 4007 5
01/18/07 13:26:55 [Error]: 4028 5
01/18/07 13:26:58 [Note]: 4000 5
01/18/07 13:26:58 [Note]: 4007 5
01/18/07 13:26:58 [Error]: 4028 5
01/18/07 13:27:01 [Note]: 4000 5
01/18/07 13:27:01 [Note]: 4007 5
01/18/07 13:27:01 [Error]: 4028 5
01/18/07 13:27:04 [Note]: 4000 5
01/18/07 13:27:04 [Note]: 4007 5
01/18/07 13:27:04 [Error]: 4028 5
01/18/07 13:27:07 [Note]: 4000 5
01/18/07 13:27:07 [Note]: 4007 5
01/18/07 13:27:07 [Error]: 4028 5
01/18/07 13:27:11 [Note]: 4000 5
01/18/07 13:27:11 [Note]: 4007 5
01/18/07 13:27:11 [Error]: 4028 5
01/18/07 13:27:14 [Note]: 4000 5
01/18/07 13:27:14 [Note]: 4007 5
01/18/07 13:27:14 [Error]: 4028 5
01/18/07 13:27:17 [Note]: 4000 5
01/18/07 13:27:17 [Note]: 4007 5
01/18/07 13:27:17 [Error]: 4028 5
01/18/07 13:27:20 [Note]: 4000 5
01/18/07 13:27:20 [Note]: 4007 5
01/18/07 13:27:20 [Error]: 4028 5
01/18/07 13:27:24 [Note]: 4000 5
01/18/07 13:27:24 [Note]: 4007 5
01/18/07 13:27:24 [Error]: 4028 5
01/18/07 13:27:27 [Note]: 4000 5
01/18/07 13:27:27 [Note]: 4007 5
01/18/07 13:27:27 [Error]: 4028 5
01/18/07 13:27:30 [Note]: 4000 5
01/18/07 13:27:30 [Note]: 4007 5
01/18/07 13:27:30 [Error]: 4028 5
01/18/07 13:27:34 [Note]: 4000 5
01/18/07 13:27:34 [Note]: 4007 5
01/18/07 13:27:34 [Error]: 4028 5
01/18/07 13:27:37 [Note]: 4000 5
01/18/07 13:27:37 [Note]: 4007 5
01/18/07 13:27:37 [Error]: 4028 5
01/18/07 13:27:40 [Note]: 4000 5
01/18/07 13:27:40 [Note]: 4007 5
01/18/07 13:27:40 [Error]: 4028 5
01/18/07 13:27:44 [Note]: 4000 5
01/18/07 13:27:44 [Note]: 4007 5
01/18/07 13:27:44 [Error]: 4028 5
01/18/07 13:27:47 [Note]: 4000 5
01/18/07 13:27:47 [Note]: 4007 5
01/18/07 13:27:47 [Error]: 4028 5
01/18/07 13:27:50 [Note]: 4000 5
01/18/07 13:27:50 [Note]: 4007 5
01/18/07 13:27:50 [Error]: 4028 5
01/18/07 13:27:53 [Note]: 4000 5
01/18/07 13:27:53 [Note]: 4007 5
01/18/07 13:27:53 [Error]: 4028 5
01/18/07 13:27:57 [Note]: 4000 5
01/18/07 13:27:57 [Note]: 4007 5
01/18/07 13:27:57 [Error]: 4028 5
01/18/07 13:28:00 [Note]: 4000 5
01/18/07 13:28:00 [Note]: 4007 5
01/18/07 13:28:00 [Error]: 4028 5
01/18/07 13:28:03 [Note]: 4000 5
01/18/07 13:28:03 [Note]: 4007 5
01/18/07 13:28:03 [Error]: 4028 5
01/18/07 13:28:07 [Note]: 4000 5
01/18/07 13:28:07 [Note]: 4007 5
01/18/07 13:28:07 [Error]: 4028 5
01/18/07 13:28:10 [Note]: 4000 5
01/18/07 13:28:10 [Note]: 4007 5
01/18/07 13:28:10 [Error]: 4028 5
01/18/07 13:28:13 [Note]: 4000 5
01/18/07 13:28:13 [Note]: 4007 5
01/18/07 13:28:13 [Error]: 4028 5
01/18/07 13:28:17 [Note]: 4000 5
01/18/07 13:28:17 [Note]: 4007 5
01/18/07 13:28:17 [Error]: 4028 5
01/18/07 13:28:20 [Note]: 4000 5
01/18/07 13:28:20 [Note]: 4007 5
01/18/07 13:28:20 [Error]: 4028 5
01/18/07 13:28:24 [Note]: 4000 5
01/18/07 13:28:24 [Note]: 4007 5
01/18/07 13:28:24 [Error]: 4028 5
01/18/07 13:28:27 [Note]: 4000 5
01/18/07 13:28:27 [Note]: 4007 5
01/18/07 13:28:27 [Error]: 4028 5
01/18/07 13:28:31 [Note]: 4000 5
01/18/07 13:28:31 [Note]: 4007 5
01/18/07 13:28:31 [Error]: 4028 5
01/18/07 13:28:34 [Note]: 4000 5
01/18/07 13:28:34 [Note]: 4007 5
01/18/07 13:28:34 [Error]: 4028 5
01/18/07 13:28:37 [Note]: 4000 5
01/18/07 13:28:37 [Note]: 4007 5
01/18/07 13:28:37 [Error]: 4028 5
01/18/07 13:28:41 [Note]: 4000 5
01/18/07 13:28:41 [Note]: 4007 5
01/18/07 13:28:41 [Error]: 4028 5
01/18/07 13:28:44 [Note]: 4000 5
01/18/07 13:28:44 [Note]: 4007 5
01/18/07 13:28:44 [Error]: 4028 5
01/18/07 13:28:48 [Note]: 4000 5
01/18/07 13:28:48 [Note]: 4007 5
01/18/07 13:28:48 [Error]: 4028 5
01/18/07 13:28:51 [Note]: 4000 5
01/18/07 13:28:51 [Note]: 4007 5
01/18/07 13:28:51 [Error]: 4028 5
01/18/07 13:28:55 [Note]: 4000 5
01/18/07 13:28:55 [Note]: 4007 5
01/18/07 13:28:55 [Error]: 4028 5
01/18/07 13:28:58 [Note]: 4000 5
01/18/07 13:28:58 [Note]: 4007 5
01/18/07 13:28:58 [Error]: 4028 5
01/18/07 13:29:02 [Note]: 4000 5
01/18/07 13:29:02 [Note]: 4007 5
01/18/07 13:29:02 [Error]: 4028 5
01/18/07 13:29:05 [Note]: 4000 5
01/18/07 13:29:05 [Note]: 4007 5
01/18/07 13:29:05 [Error]: 4028 5
01/18/07 13:29:08 [Note]: 4000 5
01/18/07 13:29:08 [Note]: 4007 5
01/18/07 13:29:08 [Error]: 4028 5
01/18/07 13:29:12 [Note]: 4000 5
01/18/07 13:29:12 [Note]: 4007 5
01/18/07 13:29:12 [Error]: 4028 5
01/18/07 13:29:15 [Note]: 4000 5
01/18/07 13:29:15 [Note]: 4007 5
01/18/07 13:29:15 [Error]: 4028 5
01/18/07 13:29:19 [Note]: 4000 5
01/18/07 13:29:19 [Note]: 4007 5
01/18/07 13:29:19 [Error]: 4028 5
01/18/07 13:29:22 [Note]: 4000 5
01/18/07 13:29:22 [Note]: 4007 5
01/18/07 13:29:22 [Error]: 4028 5
01/18/07 13:29:26 [Note]: 4000 5
01/18/07 13:29:26 [Note]: 4007 5
01/18/07 13:29:26 [Error]: 4028 5
01/18/07 13:29:29 [Note]: 4000 5
01/18/07 13:29:29 [Note]: 4007 5
01/18/07 13:29:29 [Error]: 4028 5
01/18/07 13:29:33 [Note]: 4000 5
01/18/07 13:29:33 [Note]: 4007 5
01/18/07 13:29:33 [Error]: 4028 5
01/18/07 13:29:36 [Note]: 4000 5
01/18/07 13:29:36 [Note]: 4007 5
01/18/07 13:29:36 [Error]: 4028 5
01/18/07 13:29:40 [Note]: 4000 5
01/18/07 13:29:40 [Note]: 4007 5
01/18/07 13:29:40 [Error]: 4028 5
01/18/07 13:29:44 [Note]: 4000 5
01/18/07 13:29:44 [Note]: 4007 5
01/18/07 13:29:44 [Error]: 4028 5
01/18/07 13:29:47 [Note]: 4000 5
01/18/07 13:29:47 [Note]: 4007 5
01/18/07 13:29:47 [Error]: 4028 5
01/18/07 13:29:51 [Note]: 4000 5
01/18/07 13:29:51 [Note]: 4007 5
01/18/07 13:29:51 [Error]: 4028 5
01/18/07 13:29:54 [Note]: 4000 5
01/18/07 13:29:54 [Note]: 4007 5
01/18/07 13:29:54 [Error]: 4028 5
01/18/07 13:29:57 [Note]: 4000 5
01/18/07 13:29:57 [Note]: 4007 5
01/18/07 13:29:57 [Error]: 4028 5
01/18/07 13:30:00 [Note]: 4000 5
01/18/07 13:30:00 [Note]: 4007 5
01/18/07 13:30:00 [Error]: 4028 5
01/18/07 13:30:04 [Note]: 4000 5
01/18/07 13:30:04 [Note]: 4007 5
01/18/07 13:30:04 [Error]: 4028 5
01/18/07 13:30:07 [Note]: 4000 5
01/18/07 13:30:07 [Note]: 4007 5
01/18/07 13:30:07 [Error]: 4028 5
01/18/07 13:30:11 [Note]: 4000 5
01/18/07 13:30:11 [Note]: 4007 5
01/18/07 13:30:11 [Error]: 4028 5
01/18/07 13:30:15 [Note]: 4000 5
01/18/07 13:30:15 [Note]: 4007 5
01/18/07 13:30:15 [Error]: 4028 5
01/18/07 13:30:19 [Note]: 4000 5
01/18/07 13:30:19 [Note]: 4007 5
01/18/07 13:30:19 [Error]: 4028 5
01/18/07 13:30:23 [Note]: 4000 5
01/18/07 13:30:23 [Note]: 4007 5
01/18/07 13:30:23 [Error]: 4028 5
01/18/07 13:30:27 [Note]: 4000 5
01/18/07 13:30:27 [Note]: 4007 5
01/18/07 13:30:27 [Error]: 4028 5
01/18/07 13:30:30 [Note]: 4000 5
01/18/07 13:30:30 [Note]: 4007 5
01/18/07 13:30:30 [Error]: 4028 5
01/18/07 13:30:33 [Note]: 4000 5
01/18/07 13:30:33 [Note]: 4007 5
01/18/07 13:30:33 [Error]: 4028 5
01/18/07 13:30:37 [Note]: 4000 5
01/18/07 13:30:37 [Note]: 4007 5
01/18/07 13:30:37 [Error]: 4028 5
01/18/07 13:30:40 [Note]: 4000 5
01/18/07 13:30:40 [Note]: 4007 5
01/18/07 13:30:40 [Error]: 4028 5
01/18/07 13:30:44 [Note]: 4000 5
01/18/07 13:30:44 [Note]: 4007 5
01/18/07 13:30:44 [Error]: 4028 5
01/18/07 13:30:47 [Note]: 4000 5
01/18/07 13:30:47 [Note]: 4007 5
01/18/07 13:30:47 [Error]: 4028 5
01/18/07 13:30:51 [Note]: 4000 5
01/18/07 13:30:51 [Note]: 4007 5
01/18/07 13:30:51 [Error]: 4028 5
01/18/07 13:30:54 [Note]: 4000 5
01/18/07 13:30:54 [Note]: 4007 5
01/18/07 13:30:54 [Error]: 4028 5
01/18/07 13:30:58 [Note]: 4000 5
01/18/07 13:30:58 [Note]: 4007 5
01/18/07 13:30:58 [Error]: 4028 5
01/18/07 13:31:01 [Note]: 4000 5
01/18/07 13:31:01 [Note]: 4007 5
01/18/07 13:31:01 [Error]: 4028 5
01/18/07 13:31:04 [Note]: 4000 5
01/18/07 13:31:04 [Note]: 4007 5
01/18/07 13:31:04 [Error]: 4028 5
01/18/07 13:31:08 [Note]: 4000 5
01/18/07 13:31:08 [Note]: 4007 5
01/18/07 13:31:08 [Error]: 4028 5
01/18/07 13:31:10 [Note]: 4000 5
01/18/07 13:31:10 [Note]: 4007 5
01/18/07 13:31:10 [Error]: 4028 5
01/18/07 13:31:12 [Note]: 4000 5
01/18/07 13:31:13 [Note]: 4007 5
01/18/07 13:31:13 [Error]: 4028 5
01/18/07 13:31:15 [Note]: 4000 5
01/18/07 13:31:15 [Note]: 4007 5
01/18/07 13:31:15 [Error]: 4028 5
01/18/07 13:31:18 [Note]: 4000 5
01/18/07 13:31:18 [Note]: 4007 5
01/18/07 13:31:18 [Error]: 4028 5
01/18/07 13:31:20 [Note]: 4000 5
01/18/07 13:31:20 [Note]: 4007 5
01/18/07 13:31:20 [Error]: 4028 5
01/18/07 13:31:23 [Note]: 4000 5
01/18/07 13:31:23 [Note]: 4007 5
01/18/07 13:31:23 [Error]: 4028 5
01/18/07 13:31:25 [Note]: 4000 5
01/18/07 13:31:25 [Note]: 4007 5
01/18/07 13:31:25 [Error]: 4028 5
01/18/07 13:31:28 [Note]: 4000 5
01/18/07 13:31:28 [Note]: 4007 5
01/18/07 13:31:28 [Error]: 4028 5
01/18/07 13:31:31 [Note]: 4000 5
01/18/07 13:31:31 [Note]: 4007 5
01/18/07 13:31:31 [Error]: 4028 5
01/18/07 13:31:33 [Note]: 4000 5
01/18/07 13:31:33 [Note]: 4007 5
01/18/07 13:31:33 [Error]: 4028 5
01/18/07 13:31:36 [Note]: 4000 5
01/18/07 13:31:36 [Note]: 4007 5
01/18/07 13:31:36 [Error]: 4028 5
01/18/07 13:31:39 [Note]: 4000 5
01/18/07 13:31:39 [Note]: 4007 5
01/18/07 13:31:39 [Error]: 4028 5
01/18/07 13:31:42 [Note]: 4000 5
01/18/07 13:31:42 [Note]: 4007 5
01/18/07 13:31:42 [Error]: 4028 5
01/18/07 13:31:45 [Note]: 4000 5
01/18/07 13:31:45 [Note]: 4007 5
01/18/07 13:31:45 [Error]: 4028 5
01/18/07 13:31:46 [Note]: 4000 5
01/18/07 13:31:46 [Note]: 4007 5
01/18/07 13:31:46 [Error]: 4028 5
01/18/07 13:31:48 [Note]: 4000 5
01/18/07 13:31:48 [Note]: 4007 5
01/18/07 13:31:48 [Error]: 4028 5
01/18/07 13:31:50 [Note]: 4000 5
01/18/07 13:31:50 [Note]: 4007 5
01/18/07 13:31:50 [Error]: 4028 5
01/18/07 13:31:52 [Note]: 4000 5
01/18/07 13:31:52 [Note]: 4007 5
01/18/07 13:31:52 [Error]: 4028 5
01/18/07 13:31:54 [Note]: 4000 5
01/18/07 13:31:55 [Note]: 4007 5
01/18/07 13:31:55 [Error]: 4028 5
01/18/07 13:31:56 [Note]: 4000 5
01/18/07 13:31:56 [Note]: 4007 5
01/18/07 13:31:56 [Error]: 4028 5
01/18/07 13:31:58 [Note]: 4000 5
01/18/07 13:31:58 [Note]: 4007 5
01/18/07 13:31:58 [Error]: 4028 5
01/18/07 13:32:00 [Note]: 4000 5
01/18/07 13:32:01 [Note]: 4007 5
01/18/07 13:32:01 [Error]: 4028 5
01/18/07 13:32:02 [Note]: 4000 5
01/18/07 13:32:02 [Note]: 4007 5
01/18/07 13:32:02 [Error]: 4028 5
01/18/07 13:32:04 [Note]: 4000 5
01/18/07 13:32:05 [Note]: 4007 5
01/18/07 13:32:05 [Error]: 4028 5
01/18/07 13:32:06 [Note]: 4000 5
01/18/07 13:32:06 [Note]: 4007 5
01/18/07 13:32:06 [Error]: 4028 5
01/18/07 13:32:08 [Note]: 4000 5
01/18/07 13:32:08 [Note]: 4007 5
01/18/07 13:32:08 [Error]: 4028 5
01/18/07 13:32:11 [Note]: 4000 5
01/18/07 13:32:11 [Note]: 4007 5
01/18/07 13:32:11 [Error]: 4028 5
01/18/07 13:32:13 [Note]: 4000 5
01/18/07 13:32:13 [Note]: 4007 5
01/18/07 13:32:13 [Error]: 4028 5
01/18/07 13:32:15 [Note]: 4000 5
01/18/07 13:32:15 [Note]: 4007 5
01/18/07 13:32:15 [Error]: 4028 5
01/18/07 13:32:17 [Note]: 4000 5
01/18/07 13:32:17 [Note]: 4007 5
01/18/07 13:32:17 [Error]: 4028 5
01/18/07 13:32:19 [Note]: 4000 5
01/18/07 13:32:19 [Note]: 4007 5
01/18/07 13:32:19 [Error]: 4028 5
01/18/07 13:32:21 [Note]: 4000 5
01/18/07 13:32:21 [Note]: 4007 5
01/18/07 13:32:21 [Error]: 4028 5
01/18/07 13:32:23 [Note]: 4000 5
01/18/07 13:32:23 [Note]: 4007 5
01/18/07 13:32:23 [Error]: 4028 5
01/18/07 13:32:26 [Note]: 4000 5
01/18/07 13:32:26 [Note]: 4007 5
01/18/07 13:32:26 [Error]: 4028 5
01/18/07 13:32:28 [Note]: 4000 5
01/18/07 13:32:28 [Note]: 4007 5
01/18/07 13:32:28 [Error]: 4028 5
01/18/07 13:32:31 [Note]: 4000 5
01/18/07 13:32:31 [Note]: 4007 5
01/18/07 13:32:31 [Error]: 4028 5
01/18/07 13:32:33 [Note]: 4000 5
01/18/07 13:32:33 [Note]: 4007 5
01/18/07 13:32:33 [Error]: 4028 5
01/18/07 13:32:35 [Note]: 4000 5
01/18/07 13:32:35 [Note]: 4007 5
01/18/07 13:32:35 [Error]: 4028 5
01/18/07 13:32:39 [Note]: 4000 5
01/18/07 13:32:39 [Note]: 4007 5
01/18/07 13:32:39 [Error]: 4028 5
01/18/07 13:32:42 [Note]: 4000 5
01/18/07 13:32:42 [Note]: 4007 5
01/18/07 13:32:42 [Error]: 4028 5
01/18/07 13:32:46 [Note]: 4000 5
01/18/07 13:32:46 [Note]: 4007 5
01/18/07 13:32:46 [Error]: 4028 5
01/18/07 13:32:49 [Note]: 4000 5
01/18/07 13:32:49 [Note]: 4007 5
01/18/07 13:32:49 [Error]: 4028 5
01/18/07 13:32:53 [Note]: 4000 5
01/18/07 13:32:53 [Note]: 4007 5
01/18/07 13:32:53 [Error]: 4028 5
01/18/07 13:32:56 [Note]: 4000 5
01/18/07 13:32:56 [Note]: 4007 5
01/18/07 13:32:56 [Error]: 4028 5
01/18/07 13:32:59 [Note]: 4000 5
01/18/07 13:32:59 [Note]: 4007 5
01/18/07 13:32:59 [Error]: 4028 5
01/18/07 13:33:03 [Note]: 4000 5
01/18/07 13:33:03 [Note]: 4007 5
01/18/07 13:33:03 [Error]: 4028 5
01/18/07 13:33:07 [Note]: 4000 5
01/18/07 13:33:07 [Note]: 4007 5
01/18/07 13:33:07 [Error]: 4028 5
01/18/07 13:33:10 [Note]: 4000 5
01/18/07 13:33:10 [Note]: 4007 5
01/18/07 13:33:10 [Error]: 4028 5
01/18/07 13:33:12 [Note]: 4000 5
01/18/07 13:33:12 [Note]: 4007 5
01/18/07 13:33:12 [Error]: 4028 5
01/18/07 13:33:15 [Note]: 4000 5
01/18/07 13:33:15 [Note]: 4007 5
01/18/07 13:33:15 [Error]: 4028 5
01/18/07 13:33:16 [Note]: 4000 5
01/18/07 13:33:16 [Note]: 4007 5
01/18/07 13:33:16 [Error]: 4028 5
01/18/07 13:33:18 [Note]: 4000 5
01/18/07 13:33:18 [Note]: 4007 5
01/18/07 13:33:18 [Error]: 4028 5
01/18/07 13:33:19 [Note]: 4000 5
01/18/07 13:33:19 [Note]: 4007 5
01/18/07 13:33:19 [Error]: 4028 5
01/18/07 13:33:21 [Note]: 4000 5
01/18/07 13:33:21 [Note]: 4007 5
01/18/07 13:33:21 [Error]: 4028 5
01/18/07 13:33:24 [Note]: 4000 5
01/18/07 13:33:24 [Note]: 4007 5
01/18/07 13:33:24 [Error]: 4028 5
01/18/07 13:33:26 [Note]: 4000 5
01/18/07 13:33:26 [Note]: 4007 5
01/18/07 13:33:26 [Error]: 4028 5
01/18/07 13:33:27 [Note]: 4000 5
01/18/07 13:33:27 [Note]: 4007 5
01/18/07 13:33:27 [Error]: 4028 5
01/18/07 13:33:29 [Note]: 4000 5
01/18/07 13:33:29 [Note]: 4007 5
01/18/07 13:33:29 [Error]: 4028 5
01/18/07 13:33:31 [Note]: 4000 5
01/18/07 13:33:31 [Note]: 4007 5
01/18/07 13:33:31 [Error]: 4028 5
01/18/07 13:33:33 [Note]: 4000 5
01/18/07 13:33:33 [Note]: 4007 5
01/18/07 13:33:33 [Error]: 4028 5
01/18/07 13:33:35 [Note]: 4000 5
01/18/07 13:33:35 [Note]: 4007 5
01/18/07 13:33:35 [Error]: 4028 5
01/18/07 13:33:37 [Note]: 4000 5
01/18/07 13:33:37 [Note]: 4007 5
01/18/07 13:33:37 [Error]: 4028 5
01/18/07 13:33:38 [Note]: 4000 5
01/18/07 13:33:38 [Note]: 4007 5
01/18/07 13:33:38 [Error]: 4028 5
01/18/07 13:33:41 [Note]: 4000 5
01/18/07 13:33:41 [Note]: 4007 5
01/18/07 13:33:41 [Error]: 4028 5
01/18/07 13:33:44 [Note]: 4000 5
01/18/07 13:33:44 [Note]: 4007 5
01/18/07 13:33:44 [Error]: 4028 5
01/18/07 13:33:47 [Note]: 4000 5
01/18/07 13:33:47 [Note]: 4007 5
01/18/07 13:33:47 [Error]: 4028 5
01/18/07 13:33:50 [Note]: 4000 5
01/18/07 13:33:50 [Note]: 4007 5
01/18/07 13:33:50 [Error]: 4028 5
01/18/07 13:33:53 [Note]: 4000 5
01/18/07 13:33:53 [Note]: 4007 5
01/18/07 13:33:53 [Error]: 4028 5
01/18/07 13:33:56 [Note]: 4000 5
01/18/07 13:33:56 [Note]: 4007 5
01/18/07 13:33:56 [Error]: 4028 5
01/18/07 13:33:59 [Note]: 4000 5
01/18/07 13:33:59 [Note]: 4007 5
01/18/07 13:33:59 [Error]: 4028 5
01/18/07 13:34:01 [Note]: 4000 5
01/18/07 13:34:02 [Note]: 4007 5
01/18/07 13:34:02 [Error]: 4028 5
01/18/07 13:34:04 [Note]: 4000 5
01/18/07 13:34:04 [Note]: 4007 5
01/18/07 13:34:04 [Error]: 4028 5
01/18/07 13:34:07 [Note]: 4000 5
01/18/07 13:34:07 [Note]: 4007 5
01/18/07 13:34:07 [Error]: 4028 5
01/18/07 13:34:10 [Note]: 4000 5
01/18/07 13:34:10 [Note]: 4007 5
01/18/07 13:34:10 [Error]: 4028 5
01/18/07 13:34:13 [Note]: 4000 5
01/18/07 13:34:13 [Note]: 4007 5
01/18/07 13:34:13 [Error]: 4028 5
01/18/07 13:34:16 [Note]: 4000 5
01/18/07 13:34:16 [Note]: 4007 5
01/18/07 13:34:16 [Error]: 4028 5
01/18/07 13:34:19 [Note]: 4000 5
01/18/07 13:34:19 [Note]: 4007 5
01/18/07 13:34:19 [Error]: 4028 5
01/18/07 13:34:22 [Note]: 4000 5
01/18/07 13:34:22 [Note]: 4007 5
01/18/07 13:34:22 [Error]: 4028 5
01/18/07 13:34:25 [Note]: 4000 5
01/18/07 13:34:25 [Note]: 4007 5
01/18/07 13:34:25 [Error]: 4028 5
01/18/07 13:34:27 [Note]: 4000 5
01/18/07 13:34:27 [Note]: 4007 5
01/18/07 13:34:27 [Error]: 4028 5
01/18/07 13:34:30 [Note]: 4000 5
01/18/07 13:34:30 [Note]: 4007 5
01/18/07 13:34:30 [Error]: 4028 5
01/18/07 13:34:33 [Note]: 4000 5
01/18/07 13:34:33 [Note]: 4007 5
01/18/07 13:34:33 [Error]: 4028 5
01/18/07 13:34:36 [Note]: 4000 5
01/18/07 13:34:36 [Note]: 4007 5
01/18/07 13:34:36 [Error]: 4028 5
01/18/07 13:34:39 [Note]: 4000 5
01/18/07 13:34:39 [Note]: 4007 5
01/18/07 13:34:39 [Error]: 4028 5
01/18/07 13:34:42 [Note]: 4000 5
01/18/07 13:34:42 [Note]: 4007 5
01/18/07 13:34:42 [Error]: 4028 5
01/18/07 13:34:45 [Note]: 4000 5
01/18/07 13:34:45 [Note]: 4007 5
01/18/07 13:34:45 [Error]: 4028 5
01/18/07 13:34:48 [Note]: 4000 5
01/18/07 13:34:48 [Note]: 4007 5
01/18/07 13:34:48 [Error]: 4028 5
01/18/07 13:34:51 [Note]: 4000 5
01/18/07 13:34:51 [Note]: 4007 5
01/18/07 13:34:51 [Error]: 4028 5
01/18/07 13:34:54 [Note]: 4000 5
01/18/07 13:34:54 [Note]: 4007 5
01/18/07 13:34:54 [Error]: 4028 5
01/18/07 13:34:57 [Note]: 4000 5
01/18/07 13:34:57 [Note]: 4007 5
01/18/07 13:34:57 [Error]: 4028 5
01/18/07 13:35:00 [Note]: 4000 5
01/18/07 13:35:00 [Note]: 4007 5
01/18/07 13:35:00 [Error]: 4028 5
01/18/07 13:35:03 [Note]: 4000 5
01/18/07 13:35:03 [Note]: 4007 5
01/18/07 13:35:03 [Error]: 4028 5
01/18/07 13:35:06 [Note]: 4000 5
01/18/07 13:35:06 [Note]: 4007 5
01/18/07 13:35:06 [Error]: 4028 5
01/18/07 13:35:09 [Note]: 4000 5
01/18/07 13:35:09 [Note]: 4007 5
01/18/07 13:35:09 [Error]: 4028 5
01/18/07 13:35:12 [Note]: 4000 5
01/18/07 13:35:12 [Note]: 4007 5
01/18/07 13:35:12 [Error]: 4028 5
01/18/07 13:35:15 [Note]: 4000 5
01/18/07 13:35:15 [Note]: 4007 5
01/18/07 13:35:15 [Error]: 4028 5
01/18/07 13:35:18 [Note]: 4000 5
01/18/07 13:35:18 [Note]: 4007 5
01/18/07 13:35:18 [Error]: 4028 5
01/18/07 13:35:21 [Note]: 4000 5
01/18/07 13:35:21 [Note]: 4007 5
01/18/07 13:35:21 [Error]: 4028 5
01/18/07 13:35:25 [Note]: 4000 5
01/18/07 13:35:25 [Note]: 4007 5
01/18/07 13:35:25 [Error]: 4028 5
01/18/07 13:35:28 [Note]: 4000 5
01/18/07 13:35:28 [Note]: 4007 5
01/18/07 13:35:28 [Error]: 4028 5
01/18/07 13:35:31 [Note]: 4000 5
01/18/07 13:35:31 [Note]: 4007 5
01/18/07 13:35:31 [Error]: 4028 5
01/18/07 13:35:34 [Note]: 4000 5
01/18/07 13:35:34 [Note]: 4007 5
01/18/07 13:35:34 [Error]: 4028 5
01/18/07 13:35:37 [Note]: 4000 5
01/18/07 13:35:37 [Note]: 4007 5
01/18/07 13:35:37 [Error]: 4028 5
01/18/07 13:35:40 [Note]: 4000 5
01/18/07 13:35:40 [Note]: 4007 5
01/18/07 13:35:40 [Error]: 4028 5
01/18/07 13:35:43 [Note]: 4000 5
01/18/07 13:35:43 [Note]: 4007 5
01/18/07 13:35:43 [Error]: 4028 5
01/18/07 13:35:48 [Note]: 4000 5
01/18/07 13:35:48 [Note]: 4007 5
01/18/07 13:35:48 [Error]: 4028 5
01/18/07 13:35:51 [Note]: 4000 5
01/18/07 13:35:51 [Note]: 4007 5
01/18/07 13:35:51 [Error]: 4028 5
01/18/07 13:35:55 [Note]: 4000 5
01/18/07 13:35:55 [Note]: 4007 5
01/18/07 13:35:55 [Error]: 4028 5
01/18/07 13:35:59 [Note]: 4000 5
01/18/07 13:35:59 [Note]: 4007 5
01/18/07 13:35:59 [Error]: 4028 5
01/18/07 13:36:02 [Note]: 4000 5
01/18/07 13:36:02 [Note]: 4007 5
01/18/07 13:36:02 [Error]: 4028 5
01/18/07 13:36:06 [Note]: 4000 5
01/18/07 13:36:06 [Note]: 4007 5
01/18/07 13:36:06 [Error]: 4028 5
01/18/07 13:36:10 [Note]: 4000 5
01/18/07 13:36:10 [Note]: 4007 5
01/18/07 13:36:10 [Error]: 4028 5
01/18/07 13:36:13 [Note]: 4000 5
01/18/07 13:36:13 [Note]: 4007 5
01/18/07 13:36:13 [Error]: 4028 5
01/18/07 13:36:17 [Note]: 4000 5
01/18/07 13:36:17 [Note]: 4007 5
01/18/07 13:36:17 [Error]: 4028 5
01/18/07 13:36:21 [Note]: 4000 5
01/18/07 13:36:21 [Note]: 4007 5
01/18/07 13:36:21 [Error]: 4028 5
01/18/07 13:36:26 [Note]: 4000 5
01/18/07 13:36:26 [Note]: 4007 5
01/18/07 13:36:26 [Error]: 4028 5
01/18/07 13:36:29 [Note]: 4000 5
01/18/07 13:36:29 [Note]: 4007 5
01/18/07 13:36:29 [Error]: 4028 5
01/18/07 13:36:33 [Note]: 4000 5
01/18/07 13:36:33 [Note]: 4007 5
01/18/07 13:36:33 [Error]: 4028 5
01/18/07 13:36:35 [Note]: 4000 5
01/18/07 13:36:35 [Note]: 4007 5
01/18/07 13:36:35 [Error]: 4028 5
01/18/07 13:36:37 [Note]: 4000 5
01/18/07 13:36:37 [Note]: 4007 5
01/18/07 13:36:37 [Error]: 4028 5
01/18/07 13:36:39 [Note]: 4000 5
01/18/07 13:36:39 [Note]: 4007 5
01/18/07 13:36:39 [Error]: 4028 5
01/18/07 13:36:42 [Note]: 4000 5
01/18/07 13:36:42 [Note]: 4007 5
01/18/07 13:36:42 [Error]: 4028 5
01/18/07 13:36:44 [Note]: 4000 5
01/18/07 13:36:44 [Note]: 4007 5
01/18/07 13:36:44 [Error]: 4028 5
01/18/07 13:36:46 [Note]: 4000 5
01/18/07 13:36:46 [Note]: 4007 5
01/18/07 13:36:46 [Error]: 4028 5
01/18/07 13:36:48 [Note]: 4000 5
01/18/07 13:36:48 [Note]: 4007 5
01/18/07 13:36:48 [Error]: 4028 5
01/18/07 13:36:51 [Note]: 4000 5
01/18/07 13:36:51 [Note]: 4007 5
01/18/07 13:36:51 [Error]: 4028 5
01/18/07 13:36:53 [Note]: 4000 5
01/18/07 13:36:53 [Note]: 4007 5
01/18/07 13:36:53 [Error]: 4028 5
01/18/07 13:36:55 [Note]: 4000 5
01/18/07 13:36:55 [Note]: 4007 5
01/18/07 13:36:55 [Error]: 4028 5
01/18/07 13:36:59 [Note]: 4000 5
01/18/07 13:36:59 [Note]: 4007 5
01/18/07 13:36:59 [Error]: 4028 5
01/18/07 13:37:03 [Note]: 4000 5
01/18/07 13:37:03 [Note]: 4007 5
01/18/07 13:37:03 [Error]: 4028 5
01/18/07 13:37:06 [Note]: 4000 5
01/18/07 13:37:06 [Note]: 4007 5
01/18/07 13:37:06 [Error]: 4028 5
01/18/07 13:37:10 [Note]: 4000 5
01/18/07 13:37:10 [Note]: 4007 5
01/18/07 13:37:10 [Error]: 4028 5
01/18/07 13:37:14 [Note]: 4000 5
01/18/07 13:37:14 [Note]: 4007 5
01/18/07 13:37:14 [Error]: 4028 5
01/18/07 13:37:18 [Note]: 4000 5
01/18/07 13:37:18 [Note]: 4007 5
01/18/07 13:37:18 [Error]: 4028 5
01/18/07 13:37:21 [Note]: 4000 5
01/18/07 13:37:21 [Note]: 4007 5
01/18/07 13:37:21 [Error]: 4028 5
01/18/07 13:37:25 [Note]: 4000 5
01/18/07 13:37:25 [Note]: 4007 5
01/18/07 13:37:25 [Error]: 4028 5
01/18/07 13:37:28 [Note]: 4000 5
01/18/07 13:37:28 [Note]: 4007 5
01/18/07 13:37:28 [Error]: 4028 5
01/18/07 13:37:32 [Note]: 4000 5
01/18/07 13:37:32 [Note]: 4007 5
01/18/07 13:37:32 [Error]: 4028 5
01/18/07 13:37:36 [Note]: 4000 5
01/18/07 13:37:36 [Note]: 4007 5
01/18/07 13:37:36 [Error]: 4028 5
01/18/07 13:37:37 [Note]: 4000 5
01/18/07 13:37:37 [Note]: 4007 5
01/18/07 13:37:37 [Error]: 4028 5
01/18/07 13:37:38 [Note]: 4000 5
01/18/07 13:37:38 [Note]: 4007 5
01/18/07 13:37:38 [Error]: 4028 5
01/18/07 13:37:40 [Note]: 4000 5
01/18/07 13:37:40 [Note]: 4007 5
01/18/07 13:37:40 [Error]: 4028 5
01/18/07 13:37:43 [Note]: 4000 5
01/18/07 13:37:43 [Note]: 4007 5
01/18/07 13:37:43 [Error]: 4028 5
01/18/07 13:37:46 [Note]: 4000 5
01/18/07 13:37:46 [Note]: 4007 5
01/18/07 13:37:46 [Error]: 4028 5
01/18/07 13:37:50 [Note]: 4000 5
01/18/07 13:37:50 [Note]: 4007 5
01/18/07 13:37:50 [Error]: 4028 5
01/18/07 13:37:52 [Note]: 4000 5
01/18/07 13:37:52 [Note]: 4007 5
01/18/07 13:37:52 [Error]: 4028 5
01/18/07 13:37:55 [Note]: 4000 5
01/18/07 13:37:55 [Note]: 4007 5
01/18/07 13:37:55 [Error]: 4028 5
01/18/07 13:37:59 [Note]: 4000 5
01/18/07 13:37:59 [Note]: 4007 5
01/18/07 13:37:59 [Error]: 4028 5
01/18/07 13:38:01 [Note]: 4000 5
01/18/07 13:38:01 [Note]: 4007 5
01/18/07 13:38:01 [Error]: 4028 5
01/18/07 13:38:03 [Note]: 4000 5
01/18/07 13:38:03 [Note]: 4007 5
01/18/07 13:38:03 [Error]: 4028 5
01/18/07 13:38:05 [Note]: 4000 5
01/18/07 13:38:05 [Note]: 4007 5
01/18/07 13:38:05 [Error]: 4028 5
01/18/07 13:38:07 [Note]: 4000 5
01/18/07 13:38:07 [Note]: 4007 5
01/18/07 13:38:07 [Error]: 4028 5
01/18/07 13:38:09 [Note]: 4000 5
01/18/07 13:38:09 [Note]: 4007 5
01/18/07 13:38:09 [Error]: 4028 5
01/18/07 13:38:13 [Note]: 4000 5
01/18/07 13:38:13 [Note]: 4007 5
01/18/07 13:38:13 [Error]: 4028 5
01/18/07 13:38:14 [Note]: 4000 5
01/18/07 13:38:14 [Note]: 4007 5
01/18/07 13:38:14 [Error]: 4028 5
01/18/07 13:38:16 [Note]: 4000 5
01/18/07 13:38:16 [Note]: 4007 5
01/18/07 13:38:16 [Error]: 4028 5
01/18/07 13:38:18 [Note]: 4000 5
01/18/07 13:38:18 [Note]: 4007 5
01/18/07 13:38:18 [Error]: 4028 5
01/18/07 13:38:20 [Note]: 4000 5
01/18/07 13:38:20 [Note]: 4007 5
01/18/07 13:38:20 [Error]: 4028 5
01/18/07 13:38:22 [Note]: 4000 5
01/18/07 13:38:22 [Note]: 4007 5
01/18/07 13:38:22 [Error]: 4028 5
01/18/07 13:38:23 [Note]: 4000 5
01/18/07 13:38:23 [Note]: 4007 5
01/18/07 13:38:23 [Error]: 4028 5
01/18/07 13:38:26 [Note]: 4000 5
01/18/07 13:38:26 [Note]: 4007 5
01/18/07 13:38:26 [Error]: 4028 5
01/18/07 13:38:29 [Note]: 4000 5
01/18/07 13:38:29 [Note]: 4007 5
01/18/07 13:38:29 [Error]: 4028 5
01/18/07 13:38:33 [Note]: 4000 5
01/18/07 13:38:33 [Note]: 4007 5
01/18/07 13:38:33 [Error]: 4028 5
01/18/07 13:38:36 [Note]: 4000 5
01/18/07 13:38:36 [Note]: 4007 5
01/18/07 13:38:36 [Error]: 4028 5
01/18/07 13:38:39 [Note]: 4000 5
01/18/07 13:38:39 [Note]: 4007 5
01/18/07 13:38:39 [Error]: 4028 5
01/18/07 13:38:43 [Note]: 4000 5
01/18/07 13:38:43 [Note]: 4007 5
01/18/07 13:38:43 [Error]: 4028 5
01/18/07 13:38:47 [Note]: 4000 5
01/18/07 13:38:47 [Note]: 4007 5
01/18/07 13:38:47 [Error]: 4028 5
01/18/07 13:38:50 [Note]: 4000 5
01/18/07 13:38:50 [Note]: 4007 5
01/18/07 13:38:50 [Error]: 4028 5
01/18/07 13:38:55 [Note]: 4000 5
01/18/07 13:38:55 [Note]: 4007 5
01/18/07 13:38:55 [Error]: 4028 5
01/18/07 13:38:59 [Note]: 4000 5
01/18/07 13:38:59 [Note]: 4007 5
01/18/07 13:38:59 [Error]: 4028 5
01/18/07 13:39:03 [Note]: 4000 5
01/18/07 13:39:03 [Note]: 4007 5
01/18/07 13:39:03 [Error]: 4028 5
01/18/07 13:39:05 [Note]: 4000 5
01/18/07 13:39:05 [Note]: 4007 5
01/18/07 13:39:05 [Error]: 4028 5
01/18/07 13:39:07 [Note]: 4000 5
01/18/07 13:39:07 [Note]: 4007 5
01/18/07 13:39:07 [Error]: 4028 5
01/18/07 13:39:11 [Note]: 4000 5
01/18/07 13:39:11 [Note]: 4007 5
01/18/07 13:39:11 [Error]: 4028 5
01/18/07 13:39:14 [Note]: 4000 5
01/18/07 13:39:14 [Note]: 4007 5
01/18/07 13:39:14 [Error]: 4028 5
01/18/07 13:39:17 [Note]: 4000 5
01/18/07 13:39:17 [Note]: 4007 5
01/18/07 13:39:17 [Error]: 4028 5
01/18/07 13:39:21 [Note]: 4000 5
01/18/07 13:39:21 [Note]: 4007 5
01/18/07 13:39:21 [Error]: 4028 5
01/18/07 13:39:22 [Note]: 4000 5
01/18/07 13:39:22 [Note]: 4007 5
01/18/07 13:39:22 [Error]: 4028 5
01/18/07 13:39:24 [Note]: 4000 5
01/18/07 13:39:24 [Note]: 4007 5
01/18/07 13:39:24 [Error]: 4028 5
01/18/07 13:39:24 [Note]: 4000 5
01/18/07 13:39:24 [Note]: 4007 5
01/18/07 13:39:24 [Error]: 4028 5
01/18/07 13:39:25 [Note]: 4000 5
01/18/07 13:39:25 [Note]: 4007 5
01/18/07 13:39:25 [Error]: 4028 5
01/18/07 13:39:25 [Note]: 4000 5
01/18/07 13:39:25 [Note]: 4007 5
01/18/07 13:39:25 [Error]: 4028 5
01/18/07 13:39:26 [Note]: 4000 5
01/18/07 13:39:26 [Note]: 4007 5
01/18/07 13:39:26 [Error]: 4028 5
01/18/07 13:39:27 [Note]: 4000 5
01/18/07 13:39:27 [Note]: 4007 5
01/18/07 13:39:27 [Error]: 4028 5
01/18/07 13:39:31 [Note]: 4000 5
01/18/07 13:39:31 [Note]: 4007 5
01/18/07 13:39:31 [Error]: 4028 5
01/18/07 13:39:32 [Note]: 4000 5
01/18/07 13:39:32 [Note]: 4007 5
01/18/07 13:39:32 [Error]: 4028 5
01/18/07 13:39:33 [Note]: 4000 5
01/18/07 13:39:33 [Note]: 4007 5
01/18/07 13:39:33 [Error]: 4028 5
01/18/07 13:39:34 [Note]: 4000 5
01/18/07 13:39:34 [Note]: 4007 5
01/18/07 13:39:34 [Error]: 4028 5
01/18/07 13:39:37 [Note]: 4000 5
01/18/07 13:39:37 [Note]: 4007 5
01/18/07 13:39:37 [Error]: 4028 5
01/18/07 13:39:40 [Note]: 4000 5
01/18/07 13:39:40 [Note]: 4007 5
01/18/07 13:39:40 [Error]: 4028 5
01/18/07 13:39:42 [Note]: 4000 5
01/18/07 13:39:42 [Note]: 4007 5
01/18/07 13:39:42 [Error]: 4028 5
01/18/07 13:39:51 [Note]: 4000 5
01/18/07 13:39:51 [Note]: 4007 5
01/18/07 13:39:51 [Error]: 4028 5
01/18/07 13:39:55 [Note]: 4000 5
01/18/07 13:39:55 [Note]: 4007 5
01/18/07 13:39:55 [Error]: 4028 5
01/18/07 13:39:58 [Note]: 4000 5
01/18/07 13:39:58 [Note]: 4007 5
01/18/07 13:39:58 [Error]: 4028 5
01/18/07 13:40:02 [Note]: 4000 5
01/18/07 13:40:02 [Note]: 4007 5
01/18/07 13:40:02 [Error]: 4028 5
01/18/07 13:40:06 [Note]: 4000 5
01/18/07 13:40:06 [Note]: 4007 5
01/18/07 13:40:06 [Error]: 4028 5
01/18/07 13:40:08 [Note]: 4000 5
01/18/07 13:40:08 [Note]: 4007 5
01/18/07 13:40:08 [Error]: 4028 5
01/18/07 13:40:26 [Note]: 4000 5
01/18/07 13:40:26 [Note]: 4007 5
01/18/07 13:40:26 [Error]: 4028 5
01/18/07 13:40:30 [Note]: 4000 5
01/18/07 13:40:30 [Note]: 4007 5
01/18/07 13:40:30 [Error]: 4028 5
01/18/07 13:40:34 [Note]: 4000 5
01/18/07 13:40:34 [Note]: 4007 5
01/18/07 13:40:34 [Error]: 4028 5
01/18/07 13:40:38 [Note]: 4000 5
01/18/07 13:40:38 [Note]: 4007 5
01/18/07 13:40:38 [Error]: 4028 5
01/18/07 13:40:44 [Note]: 4000 5
01/18/07 13:40:44 [Note]: 4007 5
01/18/07 13:40:44 [Error]: 4028 5
01/18/07 13:40:53 [Note]: 4000 5
01/18/07 13:40:53 [Note]: 4007 5
01/18/07 13:40:53 [Error]: 4028 5
01/18/07 13:41:08 [Note]: 4000 5
01/18/07 13:41:08 [Note]: 4007 5
01/18/07 13:41:08 [Error]: 4028 5
01/18/07 13:41:23 [Note]: 4000 5
01/18/07 13:41:23 [Note]: 4007 5
01/18/07 13:41:23 [Error]: 4028 5
01/18/07 13:41:32 [Note]: 4000 5
01/18/07 13:41:32 [Note]: 4007 5
01/18/07 13:41:32 [Error]: 4028 5
01/18/07 13:41:41 [Note]: 4000 5
01/18/07 13:41:41 [Note]: 4007 5
01/18/07 13:41:41 [Error]: 4028 5
01/18/07 13:41:50 [Note]: 4000 5
01/18/07 13:41:50 [Note]: 4007 5
01/18/07 13:41:50 [Error]: 4028 5
01/18/07 13:41:54 [Note]: 4000 5
01/18/07 13:41:54 [Note]: 4007 5
01/18/07 13:41:54 [Error]: 4028 5
01/18/07 13:42:00 [Note]: 4000 5
01/18/07 13:42:00 [Note]: 4007 5
01/18/07 13:42:00 [Error]: 4028 5
01/18/07 13:42:16 [Note]: 4000 5
01/18/07 13:42:16 [Note]: 4007 5
01/18/07 13:42:16 [Error]: 4028 5
01/18/07 13:42:31 [Note]: 4000 5
01/18/07 13:42:31 [Note]: 4007 5
01/18/07 13:42:31 [Error]: 4028 5
01/18/07 13:42:44 [Note]: 4000 5
01/18/07 13:42:44 [Note]: 4007 5
01/18/07 13:42:44 [Error]: 4028 5
01/18/07 13:42:56 [Note]: 4000 5
01/18/07 13:42:56 [Note]: 4007 5
01/18/07 13:42:56 [Error]: 4028 5
01/18/07 13:42:59 [Note]: 4000 5
01/18/07 13:42:59 [Note]: 4007 5
01/18/07 13:42:59 [Error]: 4028 5

Trogan

18 Jan 2007, 2:47pm

Not sure why the log is produced like that. Lets check something else out.

A bootlog is a file where windows writes down which drivers are loaded and which not during startup.
Using Windows explorer, see if you find c:\windows\ntbtlog.txt - If it exists, delete the file.
Click Start then Run and type in msconfig in the edit box and hit Enter or click Ok
Click on the boot.ini tab and check the box that says /BOOTLOG
Click Apply & Ok and reboot the PC (may take a bit longer to boot)
After it ReBoots, you will get a message that msconfig has been used to change your start settings.
In msconfig, Check Normal Startup on the GENERAL tab, and on the BOOT.INI tab, Uncheck /BOOTLOG. Click Apply, OK.
When a message asks if you want to Reboot now, Click Exit Without Reboot. You don't need to.
Using Windows Explorer, locate c:\windows\ntbtlog.txt and post the content of the file.

billthompson

18 Jan 2007, 2:58pm

Hi Trog,

Ok...got it, here it is:

Service Pack 1 1 18 2007 15:00:17.500
Loaded driver \WINDOWS\system32\ntoskrnl.exe
Loaded driver \WINDOWS\system32\hal.dll
Loaded driver \WINDOWS\system32\KDCOM.DLL
Loaded driver \WINDOWS\system32\BOOTVID.dll
Loaded driver ACPI.sys
Loaded driver \WINDOWS\System32\DRIVERS\WMILIB.SYS
Loaded driver pci.sys
Loaded driver isapnp.sys
Loaded driver ohci1394.sys
Loaded driver \WINDOWS\System32\DRIVERS\1394BUS.SYS
Loaded driver compbatt.sys
Loaded driver \WINDOWS\System32\DRIVERS\BATTC.SYS
Loaded driver intelide.sys
Loaded driver \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
Loaded driver pcmcia.sys
Loaded driver MountMgr.sys
Loaded driver ftdisk.sys
Loaded driver PartMgr.sys
Loaded driver VolSnap.sys
Loaded driver atapi.sys
Loaded driver disk.sys
Loaded driver \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
Loaded driver sr.sys
Loaded driver PxHelp20.sys
Loaded driver TPkd.sys
Loaded driver KSecDD.sys
Loaded driver Ntfs.sys
Loaded driver NDIS.sys
Loaded driver timntr.sys
Loaded driver TVALG.SYS
Loaded driver TVALDX.SYS
Loaded driver TVALD.SYS
Loaded driver snapman.sys
Loaded driver sbp2port.sys
Loaded driver Mup.sys
Loaded driver agp440.sys
Loaded driver \SystemRoot\System32\DRIVERS\processr.sys
Loaded driver \SystemRoot\System32\DRIVERS\nv4_mini.sys
Loaded driver \SystemRoot\System32\DRIVERS\usbohci.sys
Loaded driver \SystemRoot\System32\DRIVERS\usbehci.sys
Loaded driver \SystemRoot\System32\DRIVERS\e100b325.sys
Loaded driver \SystemRoot\System32\DRIVERS\wlluc48.sys
Loaded driver \SystemRoot\System32\DRIVERS\tsdhd.sys
Loaded driver \SystemRoot\System32\DRIVERS\i8042prt.sys
Loaded driver \SystemRoot\System32\DRIVERS\kbdclass.sys
Loaded driver \SystemRoot\System32\DRIVERS\smcirda.sys
Loaded driver \SystemRoot\System32\DRIVERS\irenum.sys
Loaded driver \SystemRoot\System32\DRIVERS\imapi.sys
Loaded driver \SystemRoot\System32\Drivers\Cdr4_xp.SYS
Loaded driver \SystemRoot\System32\DRIVERS\cdrom.sys
Loaded driver \SystemRoot\System32\DRIVERS\redbook.sys
Loaded driver \SystemRoot\System32\Drivers\Asapi.SYS
Loaded driver \SystemRoot\System32\Drivers\Cdralw2k.SYS
Loaded driver \SystemRoot\System32\Drivers\pwd_2k.SYS
Loaded driver \SystemRoot\System32\Drivers\GEARAspiWDM.sys
Loaded driver \SystemRoot\system32\drivers\yacxgc.sys
Loaded driver \SystemRoot\System32\DRIVERS\AGRSM.sys
Loaded driver \SystemRoot\System32\Drivers\Modem.SYS
Loaded driver \SystemRoot\System32\DRIVERS\CmBatt.sys
Loaded driver \SystemRoot\System32\DRIVERS\serscan.sys
Loaded driver \SystemRoot\System32\DRIVERS\audstub.sys
Loaded driver \SystemRoot\System32\DRIVERS\rasirda.sys
Loaded driver \SystemRoot\System32\DRIVERS\rasl2tp.sys
Loaded driver \SystemRoot\System32\DRIVERS\ndistapi.sys
Loaded driver \SystemRoot\System32\DRIVERS\ndiswan.sys
Loaded driver \SystemRoot\System32\DRIVERS\raspppoe.sys
Loaded driver \SystemRoot\System32\DRIVERS\raspptp.sys
Loaded driver \SystemRoot\System32\DRIVERS\msgpc.sys
Loaded driver \SystemRoot\System32\DRIVERS\psched.sys
Loaded driver \SystemRoot\System32\DRIVERS\ptilink.sys
Loaded driver \SystemRoot\System32\DRIVERS\raspti.sys
Loaded driver \SystemRoot\System32\DRIVERS\termdd.sys
Loaded driver \SystemRoot\System32\DRIVERS\mouclass.sys
Loaded driver \SystemRoot\System32\DRIVERS\swenum.sys
Loaded driver \SystemRoot\System32\DRIVERS\update.sys
Loaded driver \SystemRoot\System32\Drivers\dvd_2K.SYS
Loaded driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Loaded driver \SystemRoot\System32\DRIVERS\usbhub.sys
Did not load driver \SystemRoot\System32\Drivers\lbrtfdc.SYS
Did not load driver \SystemRoot\System32\Drivers\Fdc.SYS
Did not load driver \SystemRoot\System32\Drivers\Flpydisk.SYS
Did not load driver \SystemRoot\System32\Drivers\i2omgmt.SYS
Did not load driver \SystemRoot\System32\Drivers\Changer.SYS
Loaded driver \SystemRoot\System32\Drivers\Cdr4_xp.SYS
Loaded driver \SystemRoot\System32\Drivers\Cdralw2k.SYS
Did not load driver \SystemRoot\System32\Drivers\Cdaudio.SYS
Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.SYS
Loaded driver \SystemRoot\System32\Drivers\Null.SYS
Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
Loaded driver \SystemRoot\System32\DRIVERS\AvgAsCln.sys
Loaded driver \SystemRoot\System32\Drivers\avgclean.sys
Loaded driver \SystemRoot\System32\drivers\vga.sys
Loaded driver \SystemRoot\System32\Drivers\mnmdd.SYS
Loaded driver \SystemRoot\System32\DRIVERS\RDPCDD.sys
Loaded driver \SystemRoot\System32\Drivers\cdudf_xp.SYS
Loaded driver \SystemRoot\System32\Drivers\DVDVRRdr_xp.SYS
Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
Loaded driver \SystemRoot\System32\Drivers\UDFReadr.SYS
Loaded driver \SystemRoot\System32\DRIVERS\rasacd.sys
Loaded driver \SystemRoot\System32\DRIVERS\SynTP.sys
Loaded driver \SystemRoot\System32\DRIVERS\ipsec.sys
Loaded driver \SystemRoot\System32\DRIVERS\hidusb.sys
Loaded driver \SystemRoot\System32\DRIVERS\tcpip.sys
Loaded driver \SystemRoot\System32\DRIVERS\netbt.sys
Loaded driver \SystemRoot\System32\DRIVERS\mouhid.sys
Loaded driver \SystemRoot\System32\DRIVERS\netbios.sys
Did not load driver \SystemRoot\System32\Drivers\PCIDump.SYS
Loaded driver \SystemRoot\System32\DRIVERS\rdbss.sys
Loaded driver \SystemRoot\System32\DRIVERS\wanarp.sys
Loaded driver \SystemRoot\System32\DRIVERS\mrxsmb.sys
Loaded driver \SystemRoot\System32\Drivers\Fips.SYS
Loaded driver \SystemRoot\System32\Drivers\avg7core.sys
Loaded driver \SystemRoot\System32\Drivers\avg7rsw.sys
Loaded driver \SystemRoot\System32\Drivers\Cdfs.SYS
Loaded driver \SystemRoot\System32\Drivers\avg7rsxp.sys
Loaded driver \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
Loaded driver \SystemRoot\System32\DRIVERS\tifsfilt.sys
Loaded driver \SystemRoot\System32\drivers\afd.sys
Loaded driver \SystemRoot\System32\DRIVERS\irda.sys
Loaded driver \SystemRoot\System32\DRIVERS\ndisuio.sys
Did not load driver \SystemRoot\System32\drivers\afd.sys
Did not load driver \SystemRoot\System32\DRIVERS\rdbss.sys
Did not load driver \SystemRoot\System32\DRIVERS\mrxsmb.sys
Loaded driver \SystemRoot\System32\DRIVERS\mrxdav.sys
Loaded driver \SystemRoot\system32\drivers\wdmaud.sys
Loaded driver \SystemRoot\system32\drivers\sysaudio.sys
Loaded driver \SystemRoot\system32\drivers\splitter.sys
Loaded driver \SystemRoot\system32\drivers\aec.sys
Loaded driver \SystemRoot\system32\drivers\swmidi.sys
Loaded driver \SystemRoot\system32\drivers\DMusic.sys
Loaded driver \SystemRoot\system32\drivers\kmixer.sys
Loaded driver \SystemRoot\system32\drivers\drmkaud.sys
Did not load driver \SystemRoot\System32\Drivers\Parport.SYS
Loaded driver \SystemRoot\System32\Drivers\avgtdi.sys
Did not load driver \SystemRoot\System32\Drivers\Ca536av.sys
Loaded driver \SystemRoot\System32\Drivers\MASPINT.SYS
Loaded driver \??\C:\WINDOWS\System32\drivers\tmcomm.sys
Loaded driver \SystemRoot\System32\DRIVERS\srv.sys

Trogan

18 Jan 2007, 3:01pm

Thanks for that. I need to go through each file carefully to make sure nothing is bad. I'll post back soon.

billthompson

18 Jan 2007, 3:04pm

man, thanks for all your help...wish i knew how to do this myself!

Trogan

18 Jan 2007, 3:26pm

That log is clean too. How is the computer running? Your computer seems to be clean of malware.

You can delete these tools...

ComboFix
Blacklight

billthompson

18 Jan 2007, 3:45pm

hm...well, i'll try to run that multitrack program again...i've had technicians check the hardware too, so i don't think it's that...i'll get back to you in a few...thanks so far for all your work!

billthompson

18 Jan 2007, 4:27pm

Hi Trog,

Well, no luck. It still won't play audio multi tracks without seriously studdering all over the place-even with only 4 tracks. It's acting like I don't have any RAM, but I've got a gig. The techs I took it to said it passed their RAM tests and I remember running an online test too and it seemed to pass. I'm wondering if I'm just going to have to wipe the harddrive and reinstall-but that'd be a bummer if it turned out to be just a couple of bad RAM-chips! Do you have any thoughts?

Thanks for allllll your help.

Bill

Trogan

18 Jan 2007, 4:34pm

I'm no Windows or Hardware expert, unfortunately. It could be software conflict, but I have no idea...sorry.

You could try posting in the Windows or General Software forum and see what responses you get.

Good luck!

billthompson

18 Jan 2007, 4:36pm

Hm...well, I haven't added anything new. And I tried two different multitracking software packages and they both responded the same (I see this on other machines which lack sufficient ram)...oh well, at least I know we've run it through it's paces. Thanks again for all the help.

Bill

jmoney3457

18 Jan 2007, 4:50pm

bill would you like me to move this to the windows forum for you where you'll get more answers and people their are windows experts? :)

billthompson

18 Jan 2007, 4:59pm

hi....sure, if you think it could help...I hate to waste anyone's time...i'm so tempted to just ask my tech people to just switch out the ram and see if that helps (bugger the tests!) ;)

thanks again for the help tho, regardless if it was totally fixed.

jmoney3457

18 Jan 2007, 5:01pm

thread moved to windows forum:thumbsup:

billthompson

18 Jan 2007, 5:03pm

ok, thanks again! I've got to run off to do some more work in the 'real' world but will be back tonight...thanks again.

Bill

Leonardo

18 Jan 2007, 5:23pm

Bill, considering that we haven't found a malware culprit, I'm wondering if the slowdown is heat induced. It could be that your CPU is overheating and motherboard coding is reducing the output of the CPU (processor). How long have you had this computer and have you ever cleaned out the dust and lint?

mtrox

18 Jan 2007, 8:41pm

^^Good thought^^ The other thing that can cripple your CPU is the power settings. Have you changed those lately? Last I knew Toshiba had their own power management utility, but many of them can throttle a CPU down to a third of their capacity...all in the name of saving power...even when the $#@! thing is plugged in!

Right click on My Computer, then left click on Properties...you'll see a window like the attachment. See the number circled in red? Its the same as the one above it which means my processor is running at full power. If yours is running significantly slower than the full speed of your CPU, you might try something like "Always On" in power settings to see what that does for you.

billthompson

18 Jan 2007, 9:58pm

Hi Everyone,

Well...sounds like a couple of good suggestions. Actually my ram was cooked last year by it overheating and I replaced 1/2 of it and that fixed that. So maybe I do have to clean it out...how do I go about doing that?

And I did check that window and it says this:4-M CPU 2.00GHZ
1.99GHZ, 1 GB of Ram.

And you're right about Toshiba having it's own power utility...I have it set to favor performance over battery life and I think I've followed the winxp guide for audio for that setting...

Anyway...I'd like to try the dust/lint thing...can you talk me through it?

Thanks,

Bill

ps...I've had the computer for about 4 years or so and realllllly used it, so I've got my money's worth...still, I'd like to get another year or three from it if I can ;)

Leonardo

19 Jan 2007, 12:01am

Four years on a properly maintained, quality laptop should not incur performance slowdowns. The best way to clean out a laptop is to perform a partial or complete disassembly, depending on the machine. This I would NOT recommend unless you are very handy with computer hardware. In your case, first try blowing compressed air through all the intake and exhaust vents on the laptop's case. You can use a hose from an air compressor if you know the compressor's air output to contain no lubricating oil droplets. Some compressors air discharge will contain lubricating oil from the compressor's piston. But then, the easiest way is just to use a can of compressed air, found at hardware and computer stores.

If you think you have the necessary skills, or lacking the skills are willing to accept risk, you can disassemble the laptop down to the heatsink/fan unit that cools the CPU. Don't even think about this procedure if you don't have access to a service manual. Once you have access to that heatsink, blow out the fan and the heatsink vanes with air. You could also remove the heatsink, remove the old factory thermal interface material and apply new thermal material. I would not recommend this unless you are sure you know what you are doing.

One of our members here at Short-Media posted a number of Toshiba laptop disassembly guides. Do a search for "Toshiba" and you should be able to find them.

billthompson

19 Jan 2007, 12:49pm

hmm. well i tried to do it but chickened out when the case didn't easily come off...i think i'll just take it in and pay the 35 pounds to have it serviced. i'll let you guys know the results when i get it back...thanks again for all your suggestions.

bill

Pterocarpous

19 Jan 2007, 3:24pm

...Right click on My Computer, then left click on Properties...you'll see a window like the attachment. See the number circled in red? Its the same as the one above it which means my processor is running at full power. If yours is running significantly slower than the full speed of your CPU, you might try something like "Always On" in power settings to see what that does for you...
Hey mtrox. Is this a feature built into the OEM OS on most LTs these days? I looked @ my desktops and my own old IBM LT. Didn't see that 2nd speed indicator. 'Course the OEM build on my ol' IBM went bye bye eons ago... And the desktops I built myself - so no OEM builds at my disposal to check this out at the moment...

Pterocarpous

19 Jan 2007, 3:43pm

...Actually my ram was cooked last year by it overheating and I replaced 1/2 of it and that fixed that. So maybe I do have to clean it out...how do I go about doing that?...I've had the computer for about 4 years or so and realllllly used it, so I've got my money's worth...still, I'd like to get another year or three from it if I can ;)
Hey Bill,

The fact that you had an over-heating problem w/ this system in the past is telling.

Was the root cause of the over-heating ever sorted out?

IOW (in other words), did you find out what the source of the over-heating problem was? (e.g. dead fan(s), blocked vents due to dust and dirt, etc. as Leonardo has suggested...)

-OR-

Was the overheating caused by blocked vents due to mishandling that caused the vents to be blocked while the system was running? e.g. sitting the LT (laptop computer) on something soft - like a pillow or blankets on a bed for instance - This is a very common mistake made by LT owners and it can cause a melt down very quickly...

-OR-

Was it (and I've seen this, too) just poor engineering on the part of the manufacturer. IOW, the system just runs hot, period.

It might've been prudent to replace all of your system RAM (http://en.wikipedia.org/wiki/Random_access_memory) (memory) at the time you replaced the other system RAM module that failed as a result of over-heating. Surely, the remaining RAM suffered damage as well. Even if your RAM does pass a memory check, it could be degraded...

As has been suggested, I'd follow the over-heating angle and investigate that closely. This does require disassembling your LT, however and powering it on (to check fan(s)) w/ pieces & parts removed. If you're not comfortable w/ this then, definetly let an expert do it for you. LTs can be a devil to deal w/ when trying to get at their innards.

EDIT://
While you or the shop techs are at it, I'd recommend you test the app.' (application) you're having difficulty running with your current system RAM removed and a new module installed instead. (Even if it does pass memory diagnostics.)

Trogan

19 Jan 2007, 3:51pm

What does IOW stand for?

Pterocarpous

19 Jan 2007, 3:56pm

What does IOW stand for?
Hey, Trogan.. IOW = In other words

Sorry 'bout the confusion...

Trogan

19 Jan 2007, 4:05pm

No problem. I tried but couldn't figure it out, so I had to ask.

Pterocarpous

19 Jan 2007, 4:19pm

No problem. I tried but couldn't figure it out, so I had to ask.
Don't feel bad. I had the same problem w/ acronym's in THIS (http://www.short-media.com/forum/showthread.php?p=454991#post454991) thread myself yesterday...(see posts 12-15) :smiles:

Pterocarpous

19 Jan 2007, 4:27pm

No problem. I tried but couldn't figure it out, so I had to ask.
I've had some (not always, that's for sure) success consulting these and other online references when presented w/ an acronym, term, expression, word, etc. I didn't understand. Acronym Finder (http://www.acronymfinder.com/), Urban Dictionary (http://www.urbandictionary.com/) & the old standby Wikipedia (http://www.wikipedia.org/). :)

Trogan

19 Jan 2007, 4:46pm

Thanks for sharing those. :)

Pterocarpous

19 Jan 2007, 4:49pm

Thanks for sharing those. :)
My pleasure! :thumbsup:

billthompson

19 Jan 2007, 4:53pm

Hi Ptero,

I'll take all of those considerations in with me when I talk to my tech guys. I think they 'serviced' the lt when I took it in, cleaned all the filters, changed the 'grease' (I guess this is on the heatsink)...at a later date, I replaced a faulty fan as well...so I guess this is an issue on this lt. A google search reveals that toshiba lt's are notorious for heat problems...so, I'll ask them to crack it open, clean all the fans/heatsinks/vents and to swap out ALL of the ram and see if that makes a difference.

I do have new lt coming on Wednesday but I'd like to have this as my backup and it can't do that if it can only to web searches :)

Thanks for your help and I'll let you know when I get it back what the verdict is.

Talk to you soon,

Bill

Pterocarpous

19 Jan 2007, 5:15pm

...Hi Ptero,...
Hey, Bill
...cleaned all the filters, changed the 'grease' (I guess this is on the heatsink)...
The "grease" is "heatsink compound" a.k.a. "thermal paste". This compound/paste is applied to the CPU (http://en.wikipedia.org/wiki/Cpu) where the heat sink assembly (http://en.wikipedia.org/wiki/Heat_sink) will come into contact with it. It (the heat sink compound) has special thermal conductive properties that aid in the transfer of heat from the CPU to the heat sink. The cooling of your CPU occurs by the heat being "wicked" off of the CPU and onto the heat sink. In turn the heat sink is cooled by (usually) a fan. This sets up a cycle of cooling. This cycle can be interrupted by a failed or failing fan or poor heat transfer from the CPU to the heat sink (caused by no heat sink compound or poor contact between the CPU and the heat sink). The CPU cooling cycle can also be interrupted or degraded if the ambient temperature inside the computer's case is too high for it to be adequately effective. This can be caused by blocked vents, failure of another fan w/in the case or (in some cases) poor design.
...at a later date, I replaced a faulty fan as well...so I guess this is an issue on this lt. A google search reveals that toshiba lt's are notorious for heat problems...so, I'll ask them to crack it open, clean all the fans/heatsinks/vents and to swap out ALL of the ram and see if that makes a difference...
Because this is a system that experiences overheating problems, as a matter of preventative maintenance, I'd recommend you have them R&R (remove and replace) the heat sink assembly fan and add thermal paste regardless of their findings (or the apparent condition of the fan).
...Thanks for your help and I'll let you know when I get it back what the verdict is...Talk to you soon, Bill...
You're certainly welcome, Bill. Yes, definetly keep us apprised.

Good luck! :smiles:

Pterocarpous

19 Jan 2007, 5:36pm

With respect to addressing the apparent inherent over-heating issue w/ this system, I recommend you always operate the LT (laptop computer) w/ it lifted up two or more inches from the surface. IOW (in other words), providing ample space between the bottom of the LT and the surface for air to be able to circulate around and inside the unit.

You can actually purchase mounts exactly for this purpose. Some even have fans built in. (I'd recommend one w/ fans.)

The mount (I'm not sure what to call it) rests on the surface and, in turn, the LT is placed atop the mount.

EDIT://
You can find examples of what I am referring to HERE (http://www.newegg.com/Product/ProductList.asp?DEPA=0&type=&Description=laptop+cooling&Submit=ENE&N=0&Ntk=all) & HERE (http://www.hardwarecooling.com/default.php/cat/33/Laptop_Cooling?).

For more references/sources, just perform a search in your favorite search engine on LAPTOP COOLING.