I'm not exactly sure what is causing my PC problems. My Norton anti-virus indicated my computer was infected with the Trojan Vundo virus. On my own, after reading the threads, I downloaded and used SDFix. Performance of my computer has increased. However, I'm now receiving pop-up messages for Winweb Security. These messages indicate a warning: "Your PC is still infected with dangerous viruses." I appreciate your help and assistance.
DDS (Version 1.0) - NTFSx86
Run by Ben at 18:17:18.39 on Wed 12/03/2008
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.397 [GMT -5:00]
============== Running Processes ===============
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\Program Files\Norton AntiVirus\Engine\16.1.0.33\ccSvcHst.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Norton AntiVirus\Engine\16.1.0.33\ccSvcHst.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\ImageMate CompactFlash USB\SandIcon.Exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Rhapsody\rhapsody.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\Program Files\Rhapsody\rhaphlpr.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\All Users\Application Data\830483350\582137331.exe
C:\DOCUME~1\BEND9K~1.003\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\NDGM1AVD\dds[1].com
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.cnn.com/
uSearch Page = hxxp://www.google.com/hws/sb/dell-inc/en/side.html?channel=us
uSearch Bar = hxxp://www.google.com/hws/sb/dell-inc/en/side.html?channel=us
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/hws/sb/dell-inc/en/side.html?channel=us
BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
BHO: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: {656EC4B7-072B-4698-B504-2A414C1F0037} - c:\program files\embarq totalaccess\accelerator\prpl_IePopupBlocker.dll
BHO: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton antivirus\engine\16.1.0.33\IPSBHO.DLL
BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\3.1.807.1746\swg.dll
BHO: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\bae\BAE.dll
BHO: {cc51dbba-12d7-4365-b728-98c2e5db1811} - c:\windows\system32\tonoyisa.dll
BHO: {D5DF7C9D-6069-4552-8B0C-D02A912FC889} - ws.dll
TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [EasyLinkAdvisor] "c:\program files\linksys easylink advisor\LinksysAgent.exe" /startup
uRun: [MsnMsgr] "c:\program files\msn messenger\MsnMsgr.Exe" /background
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [prunnet] "c:\windows\system32\prunnet.exe"
mRun: [SunJavaUpdateSched] c:\program files\java\j2re1.4.2_03\bin\jusched.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [MMTray] "c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe"
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [MSKDetectorExe] c:\progra~1\mcafee\spamki~1\MSKDetct.exe /startup
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [MSKAGENTEXE] c:\progra~1\mcafee\spamki~1\MskAgent.exe
mRun: [RecoverFromReboot] c:\windows\temp\RecoverFromReboot.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SandIcon] c:\imagemate compactflash usb\SandIcon.Exe
mRun: [Share-to-Web Namespace Daemon] c:\program files\hewlett-packard\hp share-to-web\hpgs2wnd.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [pujukogiwa] Rundll32.exe "c:\windows\system32\widajuku.dll",s
mRun: [582137331] "c:\documents and settings\all users\application data\830483350\582137331.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\windows\system32\msjava.dll
IE: {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - {7DD73374-7187-4103-8F29-622AA25E7C40} - c:\program files\mcafee\spamkiller\mcapfbho.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: c:\program files\embarq totalaccess\accelerator\prplsf.dll
Trusted Zone: listen.com,%20real.com,%20llnwd.net,%20rhap
Trusted Zone: *.listen.com
Trusted Zone: *.llnwd.net
Trusted Zone: *.real.com
Trusted Zone: rhapapp.real.com
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll c:\progra~1\google\google~1\goec62~1.dll c:\windows\system32\duwiwuse.dll c:\windows\system32\medemovo.dll,c:\windows\system32\puligote.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages = scecli c:\windows\system32\puligote.dll
============= SERVICES / DRIVERS ===============
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1001000.021\SYMEFA.SYS [2008-12-1 309296]
R1 BHDrvx86;Symantec Heuristics Driver;\??\c:\windows\system32\drivers\nav\1001000.021\BHDrvx86.sys [2008-12-1 255536]
R1 ccHP;Symantec Hash Provider;\??\c:\windows\system32\drivers\nav\1001000.021\ccHPx86.sys [2008-12-1 362544]
R1 IDSxpx86;IDSxpx86;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20081201.001\IDSxpx86.sys [2008-12-2 274808]
R2 Norton AntiVirus;Norton AntiVirus;"c:\program files\norton antivirus\engine\16.1.0.33\ccsvchst.exe" /s "norton antivirus" /m "c:\program files\norton antivirus\engine\16.1.0.33\diMaster.dll" /prefetch:1 []
R2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\viewpoint\common\ViewpointService.exe" [2007-3-11 24652]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-12-2 99376]
R3 NAVENG;NAVENG;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20081202.035\NAVENG.SYS [2008-12-3 89104]
R3 NAVEX15;NAVEX15;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20081202.035\NAVEX15.SYS [2008-12-3 876112]
R3 SDSTOR2K;SanDisk USB ImageMate/SecureMate Mass Storage Driver;c:\windows\system32\drivers\SDSTOR2K.SYS [2006-12-11 37781]
=============== Created Last 30 ================
2008-12-03 18:07 198,740 a------- c:\windows\system32\ws.dll
2008-12-03 18:07 <DIR> --d----- c:\docume~1\alluse~1\applic~1\830483350
2008-12-03 17:30 <DIR> --d----- c:\windows\ERUNT
2008-12-03 17:26 <DIR> --d----- C:\SDFix
2008-12-03 16:01 <DIR> --d----- C:\VundoFix Backups
2008-12-02 07:06 1,333,445 ---sh--- c:\windows\system32\imigebeg.ini
2008-12-01 17:17 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec
2008-12-01 17:16 35,888 a----r-- c:\windows\system32\drivers\SymIM.sys
2008-12-01 17:16 124,464 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2008-12-01 17:16 60,808 a------- c:\windows\system32\S32EVNT1.DLL
2008-12-01 17:16 10,635 a------- c:\windows\system32\drivers\SYMEVENT.CAT
2008-12-01 17:16 806 a------- c:\windows\system32\drivers\SYMEVENT.INF
2008-12-01 17:16 <DIR> --d----- c:\program files\Symantec
2008-12-01 17:16 <DIR> --d----- c:\program files\common files\Symantec Shared
2008-12-01 17:16 <DIR> --d----- c:\windows\system32\drivers\NAV
2008-12-01 17:16 <DIR> --d----- c:\program files\Norton AntiVirus
2008-12-01 17:16 <DIR> --d----- c:\program files\NortonInstaller
2008-12-01 17:06 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Norton
2008-12-01 17:06 <DIR> --d----- c:\docume~1\alluse~1\applic~1\NortonInstaller
2008-12-01 17:00 <DIR> --d----- c:\documents and settings\all users\Symantec Temporary Files
2008-12-01 08:00 1,302,086 ---sh--- c:\windows\system32\ibipoyok.ini
2008-11-30 13:30 1,296,222 ---sh--- c:\windows\system32\igojoyuw.ini
2008-11-29 10:22 1,296,240 ---sh--- c:\windows\system32\ijolagup.ini
2008-11-29 09:52 1,296,231 ---sh--- c:\windows\system32\ujodadog.ini
2008-11-29 09:27 1,296,231 ---sh--- c:\windows\system32\okezisus.ini
2008-11-29 09:05 1,296,231 ---sh--- c:\windows\system32\uyezupab.ini
2008-11-29 08:42 1,296,231 ---sh--- c:\windows\system32\ijipodey.ini
2008-11-29 08:20 1,296,231 ---sh--- c:\windows\system32\oguloder.ini
2008-11-29 07:57 1,296,231 ---sh--- c:\windows\system32\edefibuj.ini
2008-11-29 07:35 1,296,231 ---sh--- c:\windows\system32\aherolav.ini
2008-11-29 07:12 1,296,240 ---sh--- c:\windows\system32\erubuzid.ini
2008-11-29 06:50 1,296,222 ---sh--- c:\windows\system32\agifumij.ini
2008-11-29 06:27 1,296,222 ---sh--- c:\windows\system32\ezowuwor.ini
2008-11-29 06:05 1,296,222 ---sh--- c:\windows\system32\italifel.ini
2008-11-29 05:42 1,296,222 ---sh--- c:\windows\system32\ijenafen.ini
2008-11-29 05:19 1,296,222 ---sh--- c:\windows\system32\edojoyis.ini
2008-11-29 04:57 1,296,222 ---sh--- c:\windows\system32\edulopem.ini
2008-11-29 04:34 1,296,222 ---sh--- c:\windows\system32\ateyanun.ini
2008-11-29 04:12 1,296,222 ---sh--- c:\windows\system32\ujigewuy.ini
2008-11-29 03:49 1,296,222 ---sh--- c:\windows\system32\idevuyal.ini
2008-11-29 03:27 1,296,222 ---sh--- c:\windows\system32\owuralam.ini
2008-11-29 03:04 1,296,222 ---sh--- c:\windows\system32\ewiniyon.ini
2008-11-29 02:42 1,296,222 ---sh--- c:\windows\system32\ovufarep.ini
2008-11-29 02:19 1,296,222 ---sh--- c:\windows\system32\uhogisiz.ini
2008-11-29 01:57 1,296,222 ---sh--- c:\windows\system32\azebelep.ini
2008-11-29 01:34 1,296,222 ---sh--- c:\windows\system32\ikejibut.ini
2008-11-28 07:21 1,632,016 ---sh--- c:\windows\system32\ominanoj.ini
2008-11-28 06:59 1,632,016 ---sh--- c:\windows\system32\ewofehiv.ini
2008-11-27 18:41 1,590,573 ---sh--- c:\windows\system32\ohuvumok.ini
2008-11-27 06:35 1,607,599 ---sh--- c:\windows\system32\arojivoj.ini
2008-11-26 19:55 <DIR> --d----- c:\program files\common files\Scanner
2008-11-26 19:55 <DIR> --d----- c:\program files\CA Yahoo! Anti-Spy
2008-11-26 08:49 1,607,608 ---sh--- c:\windows\system32\ubulajif.ini
2008-11-26 08:26 1,607,599 ---sh--- c:\windows\system32\abodemur.ini
2008-11-26 08:04 1,607,599 ---sh--- c:\windows\system32\iyarawif.ini
2008-11-26 07:41 1,607,599 ---sh--- c:\windows\system32\etopegog.ini
2008-11-26 07:18 1,607,599 ---sh--- c:\windows\system32\unevoriy.ini
2008-11-25 19:13 1,607,599 ---sh--- c:\windows\system32\udomowat.ini
2008-11-25 18:51 1,607,599 ---sh--- c:\windows\system32\uwofujow.ini
2008-11-25 18:28 1,607,599 ---sh--- c:\windows\system32\ozohagaf.ini
2008-11-25 18:06 1,607,599 ---sh--- c:\windows\system32\owijezoj.ini
2008-11-25 17:43 1,607,599 ---sh--- c:\windows\system32\ubeliler.ini
2008-11-23 04:47 1,593,394 ---sh--- c:\windows\system32\afiyuyev.ini
2008-11-08 12:30 25,277 a------- C:\logfile
2008-11-08 12:30 54,156 a---h--- c:\windows\QTFont.qfn
2008-11-08 12:30 1,409 a------- c:\windows\QTFont.for
2008-11-08 12:23 <DIR> --d----- c:\windows\system32\BWKDLogs
2008-11-08 12:22 5,632 a------- c:\windows\system32\ptpusb.dll
2008-11-08 12:22 159,232 a------- c:\windows\system32\ptpusd.dll
2008-11-08 12:21 <DIR> --d----- c:\program files\common files\Kodak
2008-11-08 12:19 <DIR> --d----- c:\program files\Kodak
2008-11-08 12:18 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kodak
==================== Find3M ====================
2008-12-01 17:26 <DIR> --d----- c:\program files\common files\EarthLink
2008-12-01 17:15 <DIR> --d----- c:\program files\McAfee
2008-11-27 17:44 <DIR> --d----- c:\program files\I Will Pass!
2008-11-26 20:01 <DIR> --d----- c:\program files\Data Caching
2008-11-15 08:03 6,686 a--sh--- c:\windows\system32\KGyGaAvL.sys
2008-10-24 06:10 453,632 -------- c:\windows\system32\dllcache\mrxsmb.sys
2008-10-16 14:13 1,809,944 a------- c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 14:13 202,776 a------- c:\windows\system32\dllcache\wuweb.dll
2008-10-16 14:12 323,608 a------- c:\windows\system32\dllcache\wucltui.dll
2008-10-16 14:12 561,688 a------- c:\windows\system32\dllcache\wuapi.dll
2008-10-16 14:09 92,696 a------- c:\windows\system32\dllcache\cdm.dll
2008-10-16 14:09 51,224 a------- c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 14:08 34,328 a------- c:\windows\system32\dllcache\wups.dll
2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
2008-10-15 11:57 332,800 -------- c:\windows\system32\dllcache\netapi32.dll
2008-10-03 12:41 6,066,176 -------- c:\windows\system32\dllcache\ieframe.dll
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2008-09-15 06:57 1,846,016 a------- c:\windows\system32\win32k.sys
2008-09-15 06:57 1,846,016 -------- c:\windows\system32\dllcache\win32k.sys
2008-09-05 23:30 241,704 -------- c:\windows\system32\dllcache\wgaLogon.dll
2008-09-05 23:29 917,032 -------- c:\windows\system32\dllcache\WgaTray.exe
2008-01-15 22:21 <DIR> --d----- c:\docume~1\alluse~1\applic~1\McAfee.com
2008-01-01 14:58 <DIR> --d----- c:\docume~1\bend9k~1.003\applic~1\Earthlink
2007-12-30 17:10 <DIR> --d----- c:\docume~1\bend9k~1.003\applic~1\ScamBlocker
2007-03-11 20:02 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Viewpoint
2006-08-07 19:06 <DIR> --d----- c:\docume~1\alluse~1\applic~1\OrbNetworks
2006-08-07 18:52 <DIR> --d----- c:\docume~1\alluse~1\applic~1\MotiveSysIDs
2004-08-11 17:25 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SBSI
============= FINISH: 18:17:53.28 ===============