Answers to your tech questions
Computer forums for help with removing malicious software (malware) and improving computer security

Welcome Guest to What the Tech! ( Log In | Register ) We specialize in the removal of malicious software (malware), but here you'll find free help and support for all your tech questions. We invite you to ask questions, share experiences, and learn. Explore our message boards, or register now to post messages of your own. Please Start Here. Register today (registration removes advertising)

2 Pages V   1 2 >  
Closed TopicStart new topic
> [Resolved] restarting topic (former closed due to inactivity), LDTate, this are the logs
red nose
post Oct 14 2008, 02:01 PM
Post #1


Authentic Member
**

Group: Authentic Member
Posts: 30
Joined: 17-July 07
From: poland
Member No.: 71,490
Operating System: windows XP sp2



hello LDTate,
I'm back in Poland, and hoping you're still be able to help me.
I did as you suggested, Computer seems to work without trublle, but i noticed that when i'am using real player ,
the PC stops after a copple of minutes, the screen stands still(frozen) and the mouse does not move on the screen.
I have to restart and the pc works fine again.
I also noticed that playing games( enemy terittory) is no longer possible, after some time ( minutes) the screen begins to vibrate, and then the computer stops.
Some times I also got the message that my system was recoverd from a big failure.

Here are the logs:

Logfile of HijackThis v1.99.1
Scan saved at 18:14:11, on 14-10-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\twain_32\A4CIS\WATCH.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Webroot\Washer\WasherSvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
I:\pre-program set-up\hyjackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - Startup: Watch.lnk = C:\WINDOWS\twain_32\A4CIS\WATCH.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=23100
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: znetm32 - C:\WINDOWS\SYSTEM32\znetm32.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe

Malwarebytes' Anti-Malware 1.28
Database version: 1268
Windows 5.1.2600 Service Pack 3

14-10-2008 18:10:26
mbam-log-2008-10-14 (18-10-26).txt

Scan type: Quick Scan
Objects scanned: 47119
Time elapsed: 5 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Greetings from Poland Ruud


Go to the top of the page
 
+Quote Post
LDTate
post Oct 14 2008, 02:41 PM
Post #2


Forum God
Group Icon

Group: Root Admin
Posts: 40,638
Joined: 23-September 04
From: Missouri, USA
Member No.: 15,276




DO NOT use any TOOLS such as Combofix, Vundofix, or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.



Download ComboFix from Here or Here to your Desktop.

In the event you already have Combofix, this is a new version that I need you to download.
It must be saved directly to your desktop.


Make sure you are disconnected from the net

1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan.
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Remember to re enable the protection again afterwards before connecting to the net


2. Close any open browsers and make sure you are disconnected from the net. Unplug the cable if need be before running combofix.
  • IF you have not already done so Combofix will disconnect your machine from the Internet when it starts.
  • If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.


3. Now double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review

Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze.
Give it atleast 20-30 minutes to finish if needed.
Go to the top of the page
 
+Quote Post
red nose
post Oct 16 2008, 02:06 AM
Post #3


Authentic Member
**

Group: Authentic Member
Posts: 30
Joined: 17-July 07
From: poland
Member No.: 71,490
Operating System: windows XP sp2



hello LDTate,
I think something went wrong with my post from yesterday, because i don't see it here.
I will reply again.
After running combofix ,my pc seems to work better, even real-player worked for a while, i had no time to test it for a longer period, but before it was a matter of minutes befor my PC holds.
Here are the Logs:

1)Logfile of HijackThis v1.99.1
Scan saved at 21:54:16, on 15-10-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
C:\WINDOWS\twain_32\A4CIS\WATCH.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Webroot\Washer\WasherSvc.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
C:\Program Files\Outlook Express\msimn.exe
I:\pre-program set-up\hyjackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Watch.lnk = C:\WINDOWS\twain_32\A4CIS\WATCH.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=23100
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: znetm32 - C:\WINDOWS\SYSTEM32\znetm32.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe

2)
ComboFix 08-10-15.01 - ruud 2008-10-15 21:17:40.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1043.18.412 [GMT 2:00]
Uruchomiony z: C:\Documents and Settings\ruud\Bureaublad\ComboFix.exe
* Utworzono nowy punkt przywracania

UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
( here a translation, because i do not know if this is important: recovery console is not installed on this system)
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\ruud\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML

.
((((((((((((((((((((((((( Pliki utworzone od 2008-09-15 do 2008-10-15 )))))))))))))))))))))))))))))))
.

2008-10-15 09:12 . 2008-09-15 17:28 1,846,528 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-15 08:58 . 2008-08-14 15:27 2,193,536 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-15 08:58 . 2008-08-14 15:27 2,149,888 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-15 08:58 . 2008-08-14 15:27 2,070,400 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-15 08:58 . 2008-08-14 15:27 2,028,544 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-14 19:21 . 2008-10-14 19:21 <DIR> d-------- C:\Program Files\DNA
2008-10-14 19:21 . 2008-10-15 02:10 <DIR> d-------- C:\Program Files\BitTorrent
2008-10-14 19:21 . 2008-10-15 21:15 <DIR> d-------- C:\Documents and Settings\ruud\Application Data\DNA
2008-10-14 18:02 . 2008-10-14 18:04 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-14 18:02 . 2008-10-14 18:02 <DIR> d-------- C:\Documents and Settings\ruud\Application Data\Malwarebytes
2008-10-14 18:02 . 2008-10-14 18:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-14 18:02 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-14 18:02 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-13 21:34 . 2008-10-13 21:34 <DIR> d-------- C:\Documents and Settings\ruud\Application Data\ESET
2008-10-13 21:33 . 2008-10-13 21:33 <DIR> d-------- C:\Program Files\ESET
2008-10-13 21:33 . 2008-10-13 21:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-10-02 17:02 . 2008-10-02 17:02 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-10-01 17:01 . 2008-10-01 17:01 <DIR> d-------- C:\Program Files\APC
2008-10-01 17:01 . 2004-08-10 15:35 4,142,592 --a------ C:\WINDOWS\system32\qtintf.dll
2008-10-01 16:54 . 2008-04-13 20:36 20,352 --a------ C:\WINDOWS\system32\drivers\hidbatt.sys
2008-10-01 16:54 . 2008-04-13 20:36 20,352 --a--c--- C:\WINDOWS\system32\dllcache\hidbatt.sys
2008-10-01 16:54 . 2008-04-13 20:36 14,208 --a------ C:\WINDOWS\system32\drivers\battc.sys
2008-10-01 16:54 . 2008-04-13 20:36 14,208 --a--c--- C:\WINDOWS\system32\dllcache\battc.sys
2008-10-01 16:54 . 2008-04-13 20:36 10,240 --a------ C:\WINDOWS\system32\drivers\compbatt.sys
2008-10-01 16:54 . 2008-04-13 20:36 10,240 --a--c--- C:\WINDOWS\system32\dllcache\compbatt.sys
2008-09-28 23:16 . 2008-09-28 23:16 <DIR> d-------- C:\Program Files\Sun
2008-09-25 09:41 . 2008-09-25 09:41 <DIR> d--h-c--- C:\Documents and Settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
2008-09-25 09:38 . 2008-09-25 09:41 <DIR> d-------- C:\Program Files\Uniblue
2008-09-25 09:37 . 2008-09-25 09:39 <DIR> d--h-c--- C:\Documents and Settings\All Users\Application Data\{1377D272-D99F-4A4B-9C83-A918F678475B}
2008-09-25 09:33 . 2008-09-25 09:33 <DIR> d-------- C:\Program Files\Reference Assemblies
2008-09-25 09:25 . 2008-09-25 09:25 <DIR> dr-h----- C:\AHCache
2008-09-25 09:07 . 2008-09-25 09:07 <DIR> d-------- C:\Program Files\Uniblue DriverScanner 2009
2008-09-25 09:07 . 2008-09-25 09:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\DriverScanner
2008-09-25 09:04 . 2008-09-25 09:07 <DIR> d--h-c--- C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2008-09-24 20:04 . 2008-09-24 21:47 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2008-09-22 12:24 . 2008-09-22 12:24 <DIR> d-------- C:\Program Files\PS-Wizard
2008-09-22 11:17 . 2004-08-03 23:31 20,992 --a------ C:\WINDOWS\system32\drivers\RTL8139.sys
2008-09-22 11:17 . 2004-08-03 23:31 20,992 --a--c--- C:\WINDOWS\system32\dllcache\rtl8139.sys
2008-09-21 17:52 . 2008-09-25 09:45 <DIR> d-------- C:\Documents and Settings\ruud\Application Data\Uniblue
2008-09-20 15:56 . 2008-09-20 15:56 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-09-20 15:56 . 2008-09-20 15:56 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-09-17 19:48 . 2008-10-01 23:21 <DIR> d-------- C:\Documents and Settings\ruud\Application Data\U3

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-15 19:14 --------- d-----w C:\Documents and Settings\ruud\Application Data\MailWasherPro
2008-10-15 19:04 --------- d-----w C:\Documents and Settings\ruud\Application Data\BitTorrent
2008-10-15 11:28 2,556,928 ----a-w C:\WINDOWS\Internet Logs\xDB21.tmp
2008-10-14 22:07 29,184 ----a-w C:\WINDOWS\Internet Logs\xDB22.tmp
2008-10-13 20:59 25,600 ----a-w C:\WINDOWS\Internet Logs\xDB20.tmp
2008-10-13 19:51 2,525,696 ----a-w C:\WINDOWS\Internet Logs\xDB1F.tmp
2008-10-13 19:30 --------- d-----w C:\Program Files\Symantec
2008-10-13 19:30 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-10-13 19:28 --------- d-----w C:\Program Files\Norton SystemWorks
2008-10-13 19:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-10-13 11:26 15,872 ----a-w C:\WINDOWS\Internet Logs\xDB1E.tmp
2008-10-13 11:24 2,507,776 ----a-w C:\WINDOWS\Internet Logs\xDB1D.tmp
2008-10-13 11:19 18,432 ----a-w C:\WINDOWS\Internet Logs\xDB1C.tmp
2008-10-13 07:53 2,507,776 ----a-w C:\WINDOWS\Internet Logs\xDB1B.tmp
2008-10-13 07:32 29,696 ----a-w C:\WINDOWS\Internet Logs\xDB1A.tmp
2008-10-13 07:32 2,510,848 ----a-w C:\WINDOWS\Internet Logs\xDB19.tmp
2008-10-01 15:12 26,624 ----a-w C:\WINDOWS\Internet Logs\xDB18.tmp
2008-10-01 15:11 2,507,776 ----a-w C:\WINDOWS\Internet Logs\xDB17.tmp
2008-10-01 15:01 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-30 21:45 24,576 ----a-w C:\WINDOWS\Internet Logs\xDB16.tmp
2008-09-30 21:04 2,507,776 ----a-w C:\WINDOWS\Internet Logs\xDB15.tmp
2008-09-29 20:43 2,510,848 ----a-w C:\WINDOWS\Internet Logs\xDB13.tmp
2008-09-29 20:25 28,672 ----a-w C:\WINDOWS\Internet Logs\xDB14.tmp
2008-09-28 21:16 --------- d-----w C:\Program Files\Java
2008-09-28 20:24 2,487,296 ----a-w C:\WINDOWS\Internet Logs\xDB11.tmp
2008-09-28 18:58 25,088 ----a-w C:\WINDOWS\Internet Logs\xDB12.tmp
2008-09-27 17:50 28,160 ----a-w C:\WINDOWS\Internet Logs\xDB10.tmp
2008-09-27 17:50 2,487,296 ----a-w C:\WINDOWS\Internet Logs\xDBF.tmp
2008-09-25 20:17 2,463,744 ----a-w C:\WINDOWS\Internet Logs\xDBD.tmp
2008-09-25 19:17 31,232 ----a-w C:\WINDOWS\Internet Logs\xDBE.tmp
2008-09-25 04:53 80,384 ----a-w C:\WINDOWS\Internet Logs\xDBC.tmp
2008-09-25 04:03 2,332,672 ----a-w C:\WINDOWS\Internet Logs\xDBB.tmp
2008-09-24 18:28 29,696 ----a-w C:\WINDOWS\Internet Logs\xDBA.tmp
2008-09-24 18:28 2,339,328 ----a-w C:\WINDOWS\Internet Logs\xDB9.tmp
2008-09-24 18:06 --------- d-----w C:\Program Files\HFXP2
2008-09-24 06:46 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-24 06:46 --------- d-----w C:\Program Files\Startup Faster
2008-09-23 07:47 2,326,016 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp
2008-09-23 07:46 31,744 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp
2008-09-21 20:13 89,088 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp
2008-09-21 20:13 2,294,272 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp
2008-09-21 16:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-21 16:03 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-09-21 15:41 2,254,848 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
2008-09-21 15:40 231,424 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
2008-09-20 14:10 441,344 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2008-09-20 14:10 2,270,720 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2008-09-18 19:00 --------- d-----w C:\Program Files\SMAC
2008-09-16 16:50 --------- d-----w C:\Program Files\TuneUp Utilities 2007
2008-09-16 16:24 244,224 ----a-w C:\WINDOWS\Internet Logs\xDB4B.tmp
2008-09-16 16:23 2,219,008 ----a-w C:\WINDOWS\Internet Logs\xDB4A.tmp
2008-09-15 18:50 2,214,912 ----a-w C:\WINDOWS\Internet Logs\xDB48.tmp
2008-09-15 18:49 223,232 ----a-w C:\WINDOWS\Internet Logs\xDB49.tmp
2008-09-15 15:28 1,846,528 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-14 18:17 29,696 ----a-w C:\WINDOWS\Internet Logs\xDB47.tmp
2008-09-14 18:17 2,215,936 ----a-w C:\WINDOWS\Internet Logs\xDB46.tmp
2008-09-14 17:47 138,280 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-09-14 17:47 111,928 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-09-14 17:35 --------- d-----w C:\Program Files\GameSpy Arcade
2008-09-14 16:19 2,211,328 ----a-w C:\WINDOWS\Internet Logs\xDB44.tmp
2008-09-14 16:18 15,872 ----a-w C:\WINDOWS\Internet Logs\xDB45.tmp
2008-09-14 16:11 41,472 ----a-w C:\WINDOWS\Internet Logs\xDB43.tmp
2008-09-14 16:11 2,211,328 ----a-w C:\WINDOWS\Internet Logs\xDB42.tmp
2008-09-14 14:57 2,212,864 ----a-w C:\WINDOWS\Internet Logs\xDB40.tmp
2008-09-14 14:55 182,784 ----a-w C:\WINDOWS\Internet Logs\xDB41.tmp
2008-09-14 02:57 52,736 ----a-w C:\WINDOWS\Internet Logs\xDB3F.tmp
2008-09-14 02:57 2,211,840 ----a-w C:\WINDOWS\Internet Logs\xDB3E.tmp
2008-08-19 22:19 --------- d-----w C:\Program Files\MSN Messenger
2008-08-15 16:42 --------- d-----w C:\Documents and Settings\ruud\Application Data\URSoft
2008-08-14 13:27 2,193,536 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 13:27 2,070,400 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-10 20:05 35,363 ----a-w C:\WINDOWS\system32\windrvNT.sys
2008-07-29 23:34 96,760 ----a-w C:\WINDOWS\system32\dfshim.dll
2008-07-29 23:34 83,968 ----a-w C:\WINDOWS\system32\mscories.dll
2008-07-29 23:34 41,984 ----a-w C:\WINDOWS\system32\netfxperf.dll
2008-07-29 23:34 282,112 ----a-w C:\WINDOWS\system32\mscoree.dll
2008-07-29 23:34 158,720 ----a-w C:\WINDOWS\system32\mscorier.dll
2008-07-29 19:10 73,720 ----a-w C:\WINDOWS\system32\dxva2.dll
2008-07-29 19:10 493,048 ----a-w C:\WINDOWS\system32\evr.dll
2008-07-29 18:35 326,160 ----a-w C:\WINDOWS\system32\PresentationHost.exe
2008-07-29 17:59 781,344 ----a-w C:\WINDOWS\system32\PresentationNative_v0300.dll
2008-07-29 17:59 43,544 ----a-w C:\WINDOWS\system32\PresentationHostProxy.dll
2008-07-29 17:59 161,296 ----a-w C:\WINDOWS\system32\UIAutomationCore.dll
2008-07-29 17:59 105,016 ----a-w C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-05-05 09:26 31,704 ----a-w C:\Documents and Settings\ruud\Application Data\GDIPFONTCACHEV1.DAT
.
CODE
<pre>
----a-w            25,088 2006-01-31 19:49:03  C:\Program Files\SlySoft\CloneCD\Crack clone cd 5.2.6.1 .exe
</pre>



((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]
"Window Washer"="C:\Program Files\Webroot\Washer\wwDisp.exe" [2007-11-26 1206600]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-10-14 289088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2005-05-19 57344]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 221184]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-04 8491008]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-10-04 81920]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-01-09 155648]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-04-14 185896]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2008-07-01 1447168]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 C:\WINDOWS\system32\bthprops.cpl]
"C-Media Mixer"="Mixer.exe" [2002-07-12 C:\WINDOWS\mixer.exe]
"nwiz"="nwiz.exe" [2007-10-04 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 15360]

C:\Documents and Settings\ruud\Menu Start\Programma's\Opstarten\
Watch.lnk - C:\WINDOWS\twain_32\A4CIS\WATCH.exe [2008-01-09 176640]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
APC UPS Status.lnk - C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe [2008-10-01 221247]
ZoneAlarm Pro.lnk - C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe [2008-01-09 636200]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\znetm32]
2004-06-25 21:13 10752 C:\WINDOWS\system32\znetm32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnet3.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnet3[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnet3[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx30SP1setup.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx30SP1setup[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx30SP1setup[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35setup.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35setup[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35setup[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3setup.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3setup[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3setup[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_ia64.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_ia64[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_ia64[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_x64.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_x64[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_x64[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_ia64.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_ia64[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_ia64[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x64.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x64[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x64[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x86.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x86[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x86[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_ia64.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_ia64[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_ia64[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x64.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x64[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x64[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x86.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x86[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x86[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x64.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x64[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x64[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x86.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x86[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x86[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_ia64.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_ia64[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_ia64[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x64.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x64[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x64[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x86.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x86[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x86[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx64.exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx64[1].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx64[2].exe]
"Debugger"=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
"CloneDVDElbyDelay"="C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
"BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\InternetCalls.com\\InternetCalls\\InternetCalls.exe"=
"C:\\Program Files\\PoivY.com\\PoivY\\PoivY.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Program Files\\LimeWire Plus\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"4382:TCP"= 4382:TCP:messenger

R0 HFXP2;HFXP2;C:\WINDOWS\system32\DRIVERS\HFXP2.SYS [2006-08-01 13824]
R2 BCMNTIO;BCMNTIO;C:\PROGRA~1\CheckIt\DIAGNO~1\BCMNTIO.sys [2004-03-05 3744]
R2 MA1908Driver;MA1908Driver;C:\WINDOWS\system32\drivers\ma1908.sys [1998-07-09 22528]
R2 MAPMEM;MAPMEM;C:\PROGRA~1\CheckIt\DIAGNO~1\MAPMEM.sys [2004-03-05 3904]
R2 UxTuneUp;TuneUp Thema-uitbreiding;C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 wwEngineSvc;Window Washer Engine;C:\Program Files\Webroot\Washer\WasherSvc.exe [2007-11-26 598856]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - PROCEXP90
.
Zawartość folderu 'Zaplanowane zadania'

2008-10-15 C:\WINDOWS\Tasks\Easy Onderhoud.job
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-27 10:05]
.
.
------- Skan uzupełniający -------
.
FireFox -: Profile - C:\Documents and Settings\ruud\Application Data\Mozilla\Firefox\Profiles\4xadhkpv.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.startpagina.nl/
FF -: plugin - C:\Program Files\DNA\plugins\npbtdna.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
FF -: plugin - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
FF -: plugin - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-15 21:20:17
Windows 5.1.2600 Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...


C:\sccfg.sys 448 bytes

skanowanie pomyślnie ukończone
ukryte pliki: 1

**************************************************************************
.
Czas ukończenia: 2008-10-15 21:22:08
ComboFix-quarantined-files.txt 2008-10-15 19:22:04

Greetings Ruud

Przed: 13.181.575.168 bytes beschikbaar
Po: 13,167,919,104 bytes beschikbaar

396 --- E O F --- 2008-10-15 07:36:02
Go to the top of the page
 
+Quote Post
LDTate
post Oct 16 2008, 06:02 AM
Post #4


Forum God
Group Icon

Group: Root Admin
Posts: 40,638
Joined: 23-September 04
From: Missouri, USA
Member No.: 15,276




CODE
25,088 2006-01-31 19:49:03  C:\Program Files\SlySoft\CloneCD\[b]Crack[/b] clone cd 5.2.6.1 .exe

1.Click Start > Settings > Control Panel.
2.Next, open Add/Remove Programs and remove if listed:
SlySoft

Reboot and "copy/paste" a new HijackThis log file into this thread.

Also please describe how your computer behaves at the moment.
Go to the top of the page
 
+Quote Post
red nose
post Oct 17 2008, 03:04 PM
Post #5


Authentic Member
**

Group: Authentic Member
Posts: 30
Joined: 17-July 07
From: poland
Member No.: 71,490
Operating System: windows XP sp2



Hello LDTate,
In my programlist i can't find the program sly soft, however this is the company that made clone-cd i think.
The program clone cd is listed in the list, but i hesitate to remove it, because (sure it is cracked), but i use this for years now ,and it never gave me problems.
My PC runs much better, also does real-player, i only get the next error pop-up from time to time,when i'm opening a map where i store downloaded movies, i do not know what to do with it so i have to click it away(several times before it is gone)

OS: Windows XP Professional, SP3
CPU: GenuineIntel, Intel Pentium 4, MMX @ 1620 MHz

Application data:
VmVyc2lvbjogV2xGQlhVSlFWRlphUkU1RFJrTlZKQ2xTT3lRN1ZpQXN
BQWRWUHlFOEl6QnpaSHQrZHpNa0lqc2tJelpGY25SOWVHcC9SemM3Uj
NKNGIzRkRNUT09DQpJbWFnZUJhc2U6IDBBQjUwMDAwDQpFaXA6IDQ2M
UNFQjANCkVheDogOTk1MDAwMA0KRWN4OiBDOTg0QzcwDQpFZHg6IDAN
CkVieDogMA0KRXNpOiBDOTg0QkI4DQpFZGk6IDUyQTAwMDANCkVicDo
gNDUwRTY0Qw0KRXNwOiA0NTBFNTIwDQotMQ0KQ29kZSA9IFsyMDRdDQ
otIDANCi0gMjA0DQotIDIyNw0KLSAwDQotIFtdDQo+IEM6XFdJTkRPV
1NcZXhwbG9yZXIuZXhlDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcbnRk
bGwuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJca2VybmVsMzIuZGx
sDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcQURWQVBJMzIuZGxsDQo+IE
M6XFdJTkRPV1Ncc3lzdGVtMzJcUlBDUlQ0LmRsbA0KPiBDOlxXSU5ET
1dTXHN5c3RlbTMyXFNlY3VyMzIuZGxsDQo+IEM6XFdJTkRPV1Ncc3lz
dGVtMzJcQlJPV1NFVUkuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJ
cR0RJMzIuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcVVNFUjMyLm
RsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXG1zdmNydC5kbGwNCj4gQ
zpcV0lORE9XU1xzeXN0ZW0zMlxvbGUzMi5kbGwNCj4gQzpcV0lORE9X
U1xzeXN0ZW0zMlxTSExXQVBJLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3R
lbTMyXE9MRUFVVDMyLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXF
NIRE9DVlcuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcQ1JZUFQzM
i5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxNU0FTTjEuZGxsDQo+
IEM6XFdJTkRPV1Ncc3lzdGVtMzJcQ1JZUFRVSS5kbGwNCj4gQzpcV0l
ORE9XU1xzeXN0ZW0zMlxORVRBUEkzMi5kbGwNCj4gQzpcV0lORE9XU1
xzeXN0ZW0zMlxWRVJTSU9OLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3Rlb
TMyXFdJTklORVQuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcV0lO
VFJVU1QuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcSU1BR0VITFA
uZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcV0xEQVAzMi5kbGwNCj
4gQzpcV0lORE9XU1xzeXN0ZW0zMlxTSEVMTDMyLmRsbA0KPiBDOlxXS
U5ET1dTXHN5c3RlbTMyXFV4VGhlbWUuZGxsDQo+IEM6XFdJTkRPV1Nc
c3lzdGVtMzJcU2hpbUVuZy5kbGwNCj4gQzpcV0lORE9XU1xBcHBQYXR
jaFxBY0dlbnJhbC5ETEwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxXSU
5NTS5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxNU0FDTTMyLmRsb
A0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXFVTRVJFTlYuZGxsDQo+IEM6
XFdJTkRPV1NcV2luU3hTXHg4Nl9NaWNyb3NvZnQuV2luZG93cy5Db21
tb24tQ29udHJvbHNfNjU5NWI2NDE0NGNjZjFkZl82LjAuMjYwMC41NT
EyX3gtd3dfMzVkNGNlODNcY29tY3RsMzIuZGxsDQo+IEM6XFdJTkRPV
1Ncc3lzdGVtMzJcY29tY3RsMzIuZGxsDQo+IEM6XFdJTkRPV1Ncc3lz
dGVtMzJcbnZpZXcuZGxsDQoNCjYuMTQuMTAuMTExMjINCjYuMTQuMTA
uMTExMjINCg0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXFBTQVBJLkRMTA
0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXE5UTUFSVEEuRExMDQo+IEM6X
FdJTkRPV1Ncc3lzdGVtMzJcU0FNTElCLmRsbA0KPiBDOlxXSU5ET1dT
XHN5c3RlbTMyXE5WV1JTTkwuRExMDQoNCk5WSURJQSBDb3Jwb3JhdGl
vbg0KTlZJRElBIG5WaWV3IERlc2t0b3AgYW5kIFdpbmRvdyBNYW5hZ2
VyDQo2LjE0LjEwLjExMTIyDQpOVldSU05MDQpDb3B5cmlnaHQgKGMpM
jAwMS0yMDA0IE5WSURJQSBDb3Jwb3JhdGlvbg0KTlZXUlNOTC5kbGwN
CjYuMTQuMTAuMTExMjINCk5WSURJQSBuVmlldyBEZXNrdG9wIGFuZCB
XaW5kb3cgTWFuYWdlcg0KDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcTV
NDVEYuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcYXBwSGVscC5kb
GwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxDTEJDQVRRLkRMTA0KPiBD
OlxXSU5ET1dTXHN5c3RlbTMyXENPTVJlcy5kbGwNCj4gQzpcV0lORE9
XU1xTeXN0ZW0zMlxjc2N1aS5kbGwNCj4gQzpcV0lORE9XU1xTeXN0ZW
0zMlxDU0NETEwuZGxsDQo+IEM6XFdJTkRPV1NcU3lzdGVtMzJcdGhlb
WV1aS5kbGwNCj4gQzpcV0lORE9XU1xTeXN0ZW0zMlxNU0lNRzMyLmRs
bA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXHhwc3AycmVzLmRsbA0KPiB
DOlxXSU5ET1dTXFN5c3RlbTMyXG1zdXRiLmRsbA0KPiBDOlxXSU5ET1
dTXHN5c3RlbTMyXExJTktJTkZPLmRsbA0KPiBDOlxXSU5ET1dTXHN5c
3RlbTMyXG50c2hydWkuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJc
QVRMLkRMTA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXE5FVFNIRUxMLmR
sbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXGNyZWR1aS5kbGwNCj4gQz
pcV0lORE9XU1xzeXN0ZW0zMlxkb3QzYXBpLmRsbA0KPiBDOlxXSU5ET
1dTXHN5c3RlbTMyXHJ0dXRpbHMuZGxsDQo+IEM6XFdJTkRPV1Ncc3lz
dGVtMzJcZG90M2RsZy5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlx
PbmVYLkRMTA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXFdUU0FQSTMyLm
RsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXFdJTlNUQS5kbGwNCj4gQ
zpcV0lORE9XU1xzeXN0ZW0zMlxlYXBwY2ZnLmRsbA0KPiBDOlxXSU5E
T1dTXHN5c3RlbTMyXE1TVkNQNjAuZGxsDQo+IEM6XFdJTkRPV1Ncc3l
zdGVtMzJcZWFwcHByeHkuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMz
JcaXBobHBhcGkuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcV1MyX
zMyLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXFdTMkhFTFAuZGxs
DQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcU0VUVVBBUEkuZGxsDQo+IEM
6XFdJTkRPV1Ncc3lzdGVtMzJcbXNpLmRsbA0KPiBDOlxXSU5ET1dTXF
N5c3RlbTMyXHdlYmNoZWNrLmRsbA0KPiBDOlxXSU5ET1dTXFN5c3Rlb
TMyXFdTT0NLMzIuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcc3Rv
YmplY3QuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcQmF0TWV0ZXI
uZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcUE9XUlBST0YuZGxsDQ
o+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcbnZ3ZGRpLmRsbA0KDQpOVklES
UEgQ29ycG9yYXRpb24NCk5WSURJQSBuVmlldyBEaXNwbGF5IERyaXZl
ciBJbnRlcmZhY2UgTGliLCBWZXJzaW9uIDE2My43NQ0KNi4xNC4xMS4
2Mzc1DQpudndkZGkNCihDKSBOVklESUEgQ29ycG9yYXRpb24uIEFsbC
ByaWdodHMgcmVzZXJ2ZWQuDQpudndkZGkuZGxsDQo2LjE0LjExLjYzN
zUNCk5WSURJQSBuVmlldyBEaXNwbGF5IERyaXZlciBJbnRlcmZhY2Ug
TGliLCBWZXJzaW9uIDE2My43NQ0KDQo+IEM6XFdJTkRPV1Ncc3lzdGV
tMzJcYnJvd3NlbGMuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcd2
RtYXVkLmRydg0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXG1zYWNtMzIuZ
HJ2DQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcbWlkaW1hcC5kbGwNCj4g
QzpcV0lORE9XU1xzeXN0ZW0zMlx1cmxtb24uZGxsDQo+IEM6XFdJTkR
PV1Ncc3lzdGVtMzJcU1hTLkRMTA0KPiBDOlxXSU5ET1dTXHN5c3RlbT
MyXE1QUi5kbGwNCj4gQzpcV0lORE9XU1xTeXN0ZW0zMlxkcnByb3YuZ
GxsDQo+IEM6XFdJTkRPV1NcU3lzdGVtMzJcbnRsYW5tYW4uZGxsDQo+
IEM6XFdJTkRPV1NcU3lzdGVtMzJcTkVUVUkwLmRsbA0KPiBDOlxXSU5
ET1dTXFN5c3RlbTMyXE5FVFVJMS5kbGwNCj4gQzpcV0lORE9XU1xTeX
N0ZW0zMlxORVRSQVAuZGxsDQo+IEM6XFdJTkRPV1NcU3lzdGVtMzJcZ
GF2Y2xudC5kbGwNCj4gQzpcV0lORE9XU1xXaW5TeFNceDg2X01pY3Jv
c29mdC5XaW5kb3dzLkdkaVBsdXNfNjU5NWI2NDE0NGNjZjFkZl8xLjA
uMjYwMC41NTgxX3gtd3dfZGZiYzRmYzRcZ2RpcGx1cy5kbGwNCj4gQz
pcV0lORE9XU1xzeXN0ZW0zMlxEVVNFUi5kbGwNCj4gQzpcV0lORE9XU
1xzeXN0ZW0zMlxNU0dJTkEuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVt
MzJcT0RCQzMyLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXGNvbWR
sZzMyLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXG9kYmNpbnQuZG
xsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcTUxBTkcuZGxsDQo+IEM6X
FByb2dyYW0gRmlsZXNcQ29tbW9uIEZpbGVzXEFoZWFkXGxpYlxNU1ZD
UjcxLmRsbA0KPiBDOlxQcm9ncmFtIEZpbGVzXENvbW1vbiBGaWxlc1x
BaGVhZFxsaWJcTVNWQ1A3MS5kbGwNCj4gQzpcUHJvZ3JhbSBGaWxlc1
xDb21tb24gRmlsZXNcQWRvYmVcQWNyb2JhdFxBY3RpdmVYXFBERlNoZ
WxsLk5MRA0KDQpBZG9iZSBTeXN0ZW1zLCBJbmMuDQpQREYgU2hlbGwg
RXh0ZW5zaW9uDQo4LjAuMC4wDQpQREZTaGVsbA0KQ29weXJpZ2h0IDI
wMDAtMjAwNiBBZG9iZSBTeXN0ZW1zLCBJbmMuDQpQREZTaGVsbC5kbG
wNCjguMC4wLjANCkFkb2JlIFBERiBTaGVsbCBFeHRlbnNpb24NCg0KP
iBDOlxXSU5ET1dTXHN5c3RlbTMyXG1zY21zLmRsbA0KPiBDOlxXSU5E
T1dTXHN5c3RlbTMyXFdJTlNQT09MLkRSVg0KPiBDOlxXSU5ET1dTXHN
5c3RlbTMyXGR4bWFzZi5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMl
xEUk1DbGllbi5ETEwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxkZHJhd
y5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxEQ0lNQU4zMi5kbGwN
Cj4gQzpcUHJvZ3JhbSBGaWxlc1xDb21tb24gRmlsZXNcQWhlYWRcbGl
iXEFkdnJDbnRyMi5kbGwNCg0KTmVybyBBRw0KQWR2ckNudHIgTW9kdW
xlDQoyLDAsNCwgMzAzMQ0KQWR2ckNudHINCkNvcHlyaWdodCAoYykgM
jAwNSBOZXJvIEFHIGFuZCBpdHMgbGljZW5zb3JzDQpBZHZyQ250ci5E
TEwNCjIsMCw0LCAzMDMxDQpBZHZyQ250ciBNb2R1bGUNCg0KPiBDOlx
XSU5ET1dTXHN5c3RlbTMyXHJzYWVuaC5kbGwNCj4gQzpcV0lORE9XU1
xzeXN0ZW0zMlxzaGRvY2xjLmRsbA0KPiBDOlxXSU5ET1dTXFN5c3Rlb
TMyXGFjdHhwcnh5LmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXExR
Q1VJMi5kbGwNCg0KTG9naXRlY2ggSW5jLg0KUXVpY2tDYW0gVXNlciB
JbnRlcmZhY2UgTGFuZ3VhZ2UNCjguNC43LjEwMzQNCkxRQ1VJLkRMTA
0KKGMpIDE5OTYtMjAwNSBMb2dpdGVjaC4gIEFsbCByaWdodHMgcmVzZ
XJ2ZWQuDQpMUUNVSS5ETEwNCjguNC43LjEwMzQNCkxvZ2l0ZWNoIFF1
aWNrQ2FtDQoNCj4gQzpcV0lORE9XU1xTeXN0ZW0zMlxzdGkuZGxsDQo
+IEM6XFdJTkRPV1NcU3lzdGVtMzJcQ0ZHTUdSMzIuZGxsDQo+IEM6XF
Byb2dyYW0gRmlsZXNcQ29tbW9uIEZpbGVzXEFoZWFkXGxpYlxOTURhd
GFTZXJ2aWNlcy5kbGwNCg0KTmVybyBBRw0KTmVybyBIb21lDQoxLCAw
LCAxLCA5DQpOTURhdGFTZXJ2aWNlcw0KQ29weXJpZ2h0IChjKSAxOTk
1LTIwMDUgTmVybyBBRyBhbmQgaXRzIGxpY2Vuc29ycw0KTk1EYXRhU2
VydmljZXMuZGxsDQoxLCAwLCAxLCA5DQpOZXJvIEhvbWUNCjEsIDAsI
DEsIDkNCg0KPiBDOlxQcm9ncmFtIEZpbGVzXENvbW1vbiBGaWxlc1xB
aGVhZFxsaWJcTk1Db0ZvdW5kYXRpb24uZGxsDQoNCk5lcm8gQUcNCk5
lcm8gSG9tZQ0KMSwgMCwgMSwgOQ0KTk1Db0ZvdW5kYXRpb24NCkNvcH
lyaWdodCAoYykgMTk5NS0yMDA1IE5lcm8gQUcgYW5kIGl0cyBsaWNlb
nNvcnMNCk5NQ29Gb3VuZGF0aW9uLmRsbA0KMSwgMCwgMSwgOQ0KTmVy
byBIb21lDQoxLCAwLCAxLCA5DQoNCj4gQzpcUHJvZ3JhbSBGaWxlc1x
Db21tb24gRmlsZXNcQWhlYWRcbGliXE5NVkRTLmRsbA0KDQpOZXJvIE
FHDQpOZXJvIEhvbWUNCjEsIDAsIDEsIDkNCk5NVkRTDQpDb3B5cmlna
HQgKGMpIDE5OTUtMjAwNSBOZXJvIEFHIGFuZCBpdHMgbGljZW5zb3Jz
DQpOTVZEUy5kbGwNCjEsIDAsIDEsIDkNCk5lcm8gSG9tZQ0KMSwgMCw
gMSwgOQ0KDQo+IEM6XFByb2dyYW0gRmlsZXNcQ29tbW9uIEZpbGVzXE
FoZWFkXGxpYlxOTUluZGV4U3RvcmVTdnJQUy5kbGwNCg0KTmVybyBBR
w0KTmVybyBIb21lDQoxLCAwLCAxLCA5DQpOTUluZGV4U3RvcmVTdnJQ
Uw0KQ29weXJpZ2h0IChjKSAxOTk1LTIwMDUgTmVybyBBRyBhbmQgaXR
zIGxpY2Vuc29ycw0KTk1JbmRleFN0b3JlU3ZyUFMuZGxsDQoxLCAwLC
AxLCA5DQpOZXJvIEhvbWUNCjEsIDAsIDEsIDkNCg0KPiBDOlxQcm9nc
mFtIEZpbGVzXExvZ2l0ZWNoXFZpZGVvXEFsYnVEQnBzLmRsbA0KDQpM
b2dpdGVjaCBJbmMuDQpBbGJ1bSBEYXRhYmFzZSBQcm94eS9TdHViIER
MTA0KOC40LjcuMTAzNA0KQWxidW1EQnBzLmRsbA0KKGMpIDE5OTYtMj
AwNSBMb2dpdGVjaC4gIEFsbCByaWdodHMgcmVzZXJ2ZWQuDQpBbGJ1b
URCcHMuZGxsDQo4LjQuNy4xMDM0DQpMb2dpdGVjaCBRdWlja0NhbQ0K
DQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcUkFTQVBJMzIuRExMDQo+IEM
6XFdJTkRPV1Ncc3lzdGVtMzJccmFzbWFuLmRsbA0KPiBDOlxXSU5ET1
dTXHN5c3RlbTMyXFRBUEkzMi5kbGwNCj4gQzpcV0lORE9XU1xzeXN0Z
W0zMlxtc3YxXzAuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcc2Vu
c2FwaS5kbGwNCj4gQzpcUHJvZ3JhbSBGaWxlc1xNaWNyb3NvZnQgT2Z
maWNlXE9mZmljZTEwXG1zb2hldi5kbGwNCj4gQzpcV0lORE9XU1xzeX
N0ZW0zMlx4cHNwMXJlcy5kbGwNCj4gQzpcUHJvZ3JhbSBGaWxlc1xDb
21tb24gRmlsZXNcQWRvYmVcQWNyb2JhdFxBY3RpdmVYXEFjcm9JRUhl
bHBlci5kbGwNCg0KQWRvYmUgU3lzdGVtcyBJbmNvcnBvcmF0ZWQNCkF
kb2JlIFBERiBIZWxwZXIgZm9yIEludGVybmV0IEV4cGxvcmVyDQo4Lj
AuMC4yMDA2MTAyMjAwDQpBY3JvSUVIZWxwZXINCkNvcHlyaWdodCAxO
Tg0LTIwMDYgQWRvYmUgU3lzdGVtcyBJbmNvcnBvcmF0ZWQgYW5kIGl0
cyBsaWNlbnNvcnMuIEFsbCByaWdodHMgcmVzZXJ2ZWQuDQpBY3JvSUV
IZWxwZXIuRExMDQo4LjAuMC4yMDA2MTAyMjAwDQpBY3JvSUVIZWxwZX
IgTGlicmFyeQ0KDQo+IEM6XFdJTkRPV1NcV2luU3hTXHg4Nl9NaWNyb
3NvZnQuVkM4MC5DUlRfMWZjOGIzYjlhMWUxOGUzYl84LjAuNTA3Mjcu
MzA1M194LXd3X2I4MGZhOGNhXE1TVkNSODAuZGxsDQo+IEM6XFByb2d
yYW0gRmlsZXNcQ29tbW9uIEZpbGVzXEFoZWFkXGxpYlxNZWRpYUxpYn
JhcnlOU0UuZGxsDQoNCk5lcm8gQUcNCk5lcm8gRmlsZSBEaWFsb2cNC
jEsIDAsIDEsIDgNCk1lZGlhTGlicmFyeU5TRQ0KQ29weXJpZ2h0IChj
KSAxOTk1LTIwMDUgTmVybyBBRyBhbmQgaXRzIGxpY2Vuc29ycw0KTWV
kaWFMaWJyYXJ5TlNFLmRsbA0KMSwgMCwgMSwgOA0KTmVybyBGaWxlIE
RpYWxvZw0KMSwgMCwgMSwgOA0KDQo+IEM6XFByb2dyYW0gRmlsZXNcQ
29tbW9uIEZpbGVzXEFoZWFkXGxpYlxNRkM3MVUuRExMDQo+IEM6XFBy
b2dyYW0gRmlsZXNcQ29tbW9uIEZpbGVzXEFoZWFkXGxpYlxOTVBsdWd
pbkJhc2UuZGxsDQoNCk5lcm8gQUcNCk5lcm8gSG9tZQ0KMSwgMCwgMS
wgOQ0KTk1QbHVnaW5CYXNlDQpDb3B5cmlnaHQgKGMpIDE5OTUtMjAwN
SBOZXJvIEFHIGFuZCBpdHMgbGljZW5zb3JzDQpOTVBsdWdpbkJhc2Uu
ZGxsDQoxLCAwLCAxLCA5DQpOZXJvIEhvbWUNCjEsIDAsIDEsIDkNCg0
KPiBDOlxQcm9ncmFtIEZpbGVzXExvZ2l0ZWNoXFZpZGVvXE5hbWVzcG
MyLmRsbA0KDQpMb2dpdGVjaCBJbmMuDQpMb2dpdGVjaCBOYW1lc3BhY
2UyDQo4LjQuNy4xMDM0DQpOYW1lc3BjMi5kbGwNCihjKSAxOTk2LTIw
MDUgTG9naXRlY2guICBBbGwgcmlnaHRzIHJlc2VydmVkLg0KTmFtZXN
wYzIuZGxsDQo4LjQuNy4xMDM0DQpMb2dpdGVjaCBRdWlja0NhbQ0KDQ
o+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcTUZDNzEuRExMDQo+IEM6XFBST
0dSQX4xXE1JQ1JPU340XFdjZXN2aWV3LmRsbA0KPiBDOlxQUk9HUkF+
MVxNSUNST1N+NFxwZWdjb252LmRsbA0KPiBDOlxXSU5ET1dTXHN5c3R
lbTMyXENFVVRJTC5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxSQV
BJLmRsbA0KPiBDOlxQcm9ncmFtIEZpbGVzXE1TTiBNZXNzZW5nZXJcZ
nNzaGV4dC44LjEuMDE3OC4wMC5kbGwNCj4gQzpcUHJvZ3JhbSBGaWxl
c1xOZXJvXE5lcm8gN1xOZXJvIEJhY2tJdFVwXE5CU2hlbGwuZGxsDQp
DcmVhdGUgYmFja3VwcyBvZiBzZWxlY3RlZCBmaWxlcy9mb2xkZXJzL3
BhcnRpdGlvbnMvY29tcGxldGUgaGFyZCBkaXNrIHRvIGhhcmQgZGlza
ywgbmV0d29yayBkcml2ZSwgQ0QvRFZEIG9yIEZUUC4NCk5lcm8gQUcN
Ck5lcm8gQmFja0l0VXAgQXBwbGljYXRpb24NCjIsIDAsIDAsIDYNCk5
lcm8gQmFja0l0VXANCkNvcHlyaWdodCAoYykgMTk5NS0yMDA1IE5lcm
8gQUcgYW5kIGl0cyBsaWNlbnNvcnMNCk5CU2hlbGwuZGxsDQoyLCAwL
CAwLCA2DQpOZXJvIEJhY2tJdFVwDQoyLCAwLCAwLCA2DQoNCj4gQzpc
UHJvZ3JhbSBGaWxlc1xXaW5SQVJccmFyZXh0LmRsbA0KPiBDOlxQcm9
ncmFtIEZpbGVzXFVubG9ja2VyXFVubG9ja2VyQ09NLmRsbA0KPiBDOl
xQcm9ncmFtIEZpbGVzXE1hbHdhcmVieXRlcycgQW50aS1NYWx3YXJlX
G1iYW1leHQuZGxsDQpNYWx3YXJlYnl0ZXMnIEFudGktTWFsd2FyZQ0K
TWFsd2FyZWJ5dGVzIENvcnBvcmF0aW9uDQpNYWx3YXJlYnl0ZXMnIEF
udGktTWFsd2FyZQ0KMSwgMSwgMCwgMA0KbWJhbWV4dC5kbGwNCqkgTW
Fsd2FyZWJ5dGVzIENvcnBvcmF0aW9uLiBBbGwgcmlnaHRzIHJlc2Vyd
mVkLg0KbWJhbWV4dC5kbGwNCjEsIDEsIDAsIDANCk1hbHdhcmVieXRl
cycgQW50aS1NYWx3YXJlDQoNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlx
BdWRpb2Rldi5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxXTVZDb3
JlLkRMTA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXFdNQVNGLkRMTA0KP
iBDOlxXSU5ET1dTXHN5c3RlbTMyXGRpc2tjb3B5LmRsbA0KPiBDOlxQ
cm9ncmFtIEZpbGVzXEVTRVRcRVNFVCBTbWFydCBTZWN1cml0eVxzaGV
sbEV4dC5kbGwNCg0KRVNFVA0KU2hlbGwgRXh0ZW5zaW9uDQozLjAuNj
Y5IA0Kc2hlbGxFeHQuZGxsDQpDb3B5cmlnaHQgKGMpIEVzZXQgMTk5M
i0yMDA4LiBBbGwgcmlnaHRzIHJlc2VydmVkLg0KTk9ELCBOT0QzMiwg
QU1PTiwgRVNFVCBhcmUgcmVnaXN0ZXJlZCB0cmFkZW1hcmtzIG9mIEV
TRVQuDQpzaGVsbEV4dC5kbGwNCjMuMC42NjkgDQpFU0VUIFNtYXJ0IF
NlY3VyaXR5DQoNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxyc2h4MzIuZ
GxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcQVVUSFouZGxsDQo+IEM6
XFdJTkRPV1Ncc3lzdGVtMzJcdHdleHQuZGxsDQo+IEM6XFdJTkRPV1N
cc3lzdGVtMzJcQUNUSVZFRFMuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdG
VtMzJcYWRzbGRwYy5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxkc
2txdW91aS5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxkc2txdW90
YS5kbGwNCj4gQzpcV0lORE9XU1xTeXN0ZW0zMlxkZnNzaGxleC5kbGw
NCj4gQzpcV0lORE9XU1xTeXN0ZW0zMlxNU1ZGVzMyLmRsbA0KPiBDOl
xXSU5ET1dTXFN5c3RlbTMyXHFlZGl0LmRsbA0KPiBDOlxXSU5ET1dTX
HN5c3RlbTMyXHF1YXJ0ei5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0z
MlxkZXZlbnVtLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXERWb2J
TdWIuYXgNClZpc2l0IGh0dHA6Ly92b2JzdWIuZWRlbnNyaXNpbmcuY2
9tIGZvciB1cGRhdGVzLg0KR2FiZXN0DQpEaXJlY3RWb2JTdWINCjIsI
DAsIDIzLCAwDQpEaXJlY3RWb2JTdWINCkNvcHlyaWdodCAoQykgMjAw
MS0yMDAyIEdhYmVzdA0KRGlyZWN0Vm9iU3ViLkRMTA0KMiwgMCwgMjM
sIDANCkRpcmVjdFZvYlN1Yg0KDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMz
Jcdm9ic3ViLmRsbA0KVmlzaXQgaHR0cDovL3ZvYnN1Yi5lZGVuc3Jpc
2luZy5jb20gZm9yIHVwZGF0ZXMNCkdhYmVzdA0Kdm9ic3ViDQoyLCAw
LCAyMywgMA0Kdm9ic3ViDQpDb3B5cmlnaHQgKEMpIDIwMDAtMjAwMiB
HYWJlc3QNCnZvYnN1Yi5ETEwNCjIsIDAsIDIzLCAwDQp2b2JzdWIgRH
luYW1pYyBMaW5rIExpYnJhcnkNCg0KPiBDOlxXSU5ET1dTXHN5c3Rlb
TMyXE1GQzQydS5ETEwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxPTEVQ
Uk8zMi5ETEwNCj4gQzpcV0lORE9XU1xzeX