Redirect virus

Posted 10/10/2010 9:48 PM
#89408
wz Valued member

Virus was copied from my external drive to my new computer.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:37:01 PM, on 10/10/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://g.msn.com/USCON/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Customize Menu - https://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - https://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12779 bytes

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

10/10/2010 5:13:38 PM
mbam-log-2010-10-10 (17-13-38).txt

Scan type: Full scan (C:\|E:\|)
Objects scanned: 481558
Time elapsed: 1 hour(s), 41 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



DDS (Ver_10-10-10.03) - NTFS_AMD64
Run by Zambor at 17:34:14.46 on Sun 10/10/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4061.2050 [GMT -4:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe
C:\Windows\system32\svchost.exe -k imgsvc
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\mobsync.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Zambor\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://yahoo.com/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - C:\Program Files (x86)\WOT\WOT.dll
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - C:\Program Files (x86)\WOT\WOT.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: RoboForm Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
TB-X64: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No File
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
mRun-x64: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe

============= SERVICES / DRIVERS ===============

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-9-27 55280]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-10-5 121936]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-9-28 92160]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-10-5 20048]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-10-5 61008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-10-5 40384]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2010-5-7 197976]
R3 avast! Mail Scanner;avast! Mail Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-10-5 40384]
R3 avast! Web Scanner;avast! Web Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-10-5 40384]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2010-9-28 138752]
R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2010-5-7 30304]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2010-7-27 339040]
R3 LVUVC64;Logitech QuickCam Pro 9000(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2010-7-27 6465632]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-11-5 291328]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-5 136176]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-10-4 1255736]

=============== Created Last 30 ================

2010-10-08 13:49:45 -------- d-----w- C:\Users\Zambor\AppData\Local\Adobe
2010-10-08 09:35:45 7935824 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2010-10-08 09:35:43 7935824 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{7562D46E-EFC5-44D6-B0BE-98C5823918B6}\mpengine.dll
2010-10-06 07:00:42 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2010-10-06 00:32:28 -------- d-----w- C:\Users\Zambor\AppData\Local\Apple Computer
2010-10-06 00:32:24 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2010-10-06 00:32:24 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
2010-10-06 00:32:24 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2010-10-06 00:32:12 -------- d-----w- C:\Program Files\iPod
2010-10-06 00:32:11 -------- d-----w- C:\Program Files\iTunes
2010-10-06 00:32:11 -------- d-----w- C:\Program Files (x86)\iTunes
2010-10-06 00:32:11 -------- d-----w- C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2010-10-06 00:12:43 -------- d-----w- C:\Users\Zambor\AppData\Local\Diagnostics
2010-10-05 20:05:22 -------- d-----w- C:\Users\Zambor\AppData\Roaming\Malwarebytes
2010-10-05 20:05:16 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2010-10-05 20:05:16 -------- d-----w- C:\PROGRA~3\Malwarebytes
2010-10-05 20:05:15 24664 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-10-05 20:05:15 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-10-05 20:00:42 -------- d-----w- C:\Program Files (x86)\WOT
2010-10-05 16:32:27 -------- d-----w- C:\PROGRA~3\SBT
2010-10-05 16:32:13 -------- d-----w- C:\Program Files (x86)\Snapshot Viewer
2010-10-05 16:28:05 -------- d-----w- C:\Windows\Msagent
2010-10-05 15:39:36 -------- d-----w- C:\Program Files (x86)\Common Files\AnswerWorks 5.0
2010-10-05 15:39:34 733184 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll
2010-10-05 15:39:34 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll
2010-10-05 15:39:34 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe
2010-10-05 15:39:34 303236 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll
2010-10-05 15:39:34 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll
2010-10-05 15:39:34 180356 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll
2010-10-05 15:39:34 172032 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll
2010-10-05 15:39:32 4199784 ----a-w- C:\Windows\SysWow64\cdintf400.dll
2010-10-05 15:38:19 -------- d-----w- C:\Program Files (x86)\Common Files\Intuit
2010-10-05 15:38:05 -------- d-----w- C:\Users\Zambor\AppData\Roaming\Intuit
2010-10-05 15:38:05 -------- d-----w- C:\Program Files (x86)\Quicken
2010-10-05 15:37:29 -------- d-----w- C:\PROGRA~3\Intuit
2010-10-05 14:59:22 -------- d-----w- C:\Users\Zambor\AppData\Local\ElevatedDiagnostics
2010-10-05 14:52:25 270208 ------w- C:\Windows\System32\MpSigStub.exe
2010-10-05 14:42:31 -------- d-----w- C:\Users\Zambor\AppData\Local\Microsoft Games
2010-10-05 14:24:42 -------- d-----w- C:\Users\Zambor\AppData\Roaming\GlarySoft
2010-10-05 14:06:42 -------- d-----w- C:\Users\Zambor\AppData\Local\Google
2010-10-05 14:06:35 61008 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2010-10-05 14:05:52 38848 ----a-w- C:\Windows\avastSS.scr
2010-10-05 14:05:46 -------- d-----w- C:\PROGRA~3\Alwil Software
2010-10-05 13:48:45 -------- d-----w- C:\Program Files (x86)\Siber Systems
2010-10-05 08:20:05 -------- d-----w- C:\Program Files (x86)\MSN Toolbar
2010-10-04 22:23:42 -------- d-----w- C:\Program Files (x86)\CCleaner
2010-10-04 22:17:35 -------- d-----w- C:\Program Files (x86)\MSN Toolbar Installer
2010-10-04 22:02:11 -------- d-----w- C:\Windows\SysWow64\Wat
2010-10-04 22:02:11 -------- d-----w- C:\Windows\System32\Wat
2010-10-04 21:59:59 -------- d-----w- C:\Users\Zambor\AppData\Local\LogiShrd
2010-10-04 21:58:38 53248 ----a-r- C:\Users\Zambor\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2010-10-04 21:58:26 -------- d-----w- C:\Windows\SysWow64\logishrd
2010-10-04 21:58:26 -------- d-----w- C:\Windows\System32\logishrd
2010-10-04 21:58:13 -------- d-----w- C:\Program Files (x86)\Common Files\LWS
2010-10-04 21:53:52 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2010-10-04 21:53:51 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2010-10-04 21:53:51 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2010-10-04 21:53:51 444752 ----a-w- C:\Windows\System32\mscoree.dll
2010-10-04 21:53:51 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2010-10-04 21:53:51 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2010-10-04 21:53:51 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2010-10-04 21:53:51 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2010-10-04 21:53:51 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2010-10-04 21:53:51 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2010-10-04 21:52:24 99840 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPLHN.DLL
2010-10-04 21:51:23 243712 ----a-w- C:\Windows\System32\drivers\ks.sys
2010-10-04 21:51:23 184832 ----a-w- C:\Windows\System32\drivers\usbvideo.sys
2010-10-04 21:47:48 558592 ----a-w- C:\Windows\System32\spoolsv.exe
2010-10-04 21:46:58 1877504 ----a-w- C:\Windows\System32\msxml3.dll
2010-10-04 21:46:58 1233920 ----a-w- C:\Windows\SysWow64\msxml3.dll
2010-10-04 21:46:16 3122688 ----a-w- C:\Windows\System32\win32k.sys
2010-10-04 21:46:07 13312 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
2010-10-04 21:46:07 13312 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
2010-10-04 21:43:56 -------- d-----w- C:\Users\Zambor\AppData\Roaming\Dell
2010-10-04 21:43:40 -------- d-----w- C:\Users\Zambor\AppData\Local\Stardock_Corporation
2010-10-04 21:43:20 -------- d-----w- C:\Users\Zambor\AppData\Local\SupportSoft
2010-10-04 21:42:49 -------- d-----w- C:\Users\Zambor\AppData\Local\VirtualStore
2010-09-28 04:42:47 -------- d-----w- C:\apps
2010-09-28 04:41:53 67584 ----a-w- C:\Windows\System32\RtNicProp64.dll
2010-09-28 04:40:46 -------- d-----w- C:\Windows\System32\oem
2010-09-28 04:40:44 -------- d-----w- C:\Windows\Panther
2010-09-28 04:40:44 -------- d-----w- C:\Drivers
2010-09-28 04:36:51 -------- d-----w- C:\dell
2010-09-28 03:52:49 -------- d-----w- C:\Program Files\Realtek
2010-09-28 03:52:48 -------- d-----w- C:\Windows\SysWow64\RTCOM
2010-09-28 03:51:47 948760 ----a-w- C:\Windows\SysWow64\igxpun.exe
2010-09-28 03:51:47 -------- d-----w- C:\Windows\SysWow64\x64
2010-09-28 03:51:47 -------- d-----w- C:\Windows\SysWow64\Lang
2010-09-28 02:14:32 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2010-09-28 02:14:23 -------- d-----w- C:\Program Files (x86)\McAfee.com
2010-09-28 02:14:12 -------- d-----w- C:\Program Files (x86)\McAfee
2010-09-28 02:09:46 -------- dc-h--w- C:\PROGRA~3\{D19C2D22-6043-47E7-B400-83A351841204}
2010-09-28 02:09:42 -------- d-----w- C:\Program Files\Dell
2010-09-28 02:09:33 -------- d-----w- C:\PROGRA~3\Uninstall
2010-09-28 02:09:25 55280 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
2010-09-28 02:09:25 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys
2010-09-28 02:09:25 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys
2010-09-28 02:09:25 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared
2010-09-28 02:09:25 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2010-09-28 02:09:24 -------- d-----w- C:\Program Files (x86)\Roxio
2010-09-28 02:07:53 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2010-09-28 02:07:53 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2010-09-28 02:07:36 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2010-09-28 02:06:20 -------- d-----w- C:\Program Files (x86)\Microsoft
2010-09-28 02:05:56 -------- d-----w- C:\Program Files (x86)\Windows Live SkyDrive
2010-09-28 02:05:22 -------- d-----w- C:\Windows\PCHEALTH
2010-09-28 02:05:12 4927864 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\95bacdc01cb5eb1\Silverlight.2.0.exe
2010-09-28 02:04:43 74520 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8449383e1cb5eb1\DSETUP.dll
2010-09-28 02:04:43 484632 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8449383e1cb5eb1\DXSETUP.exe
2010-09-28 02:04:43 1670936 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8449383e1cb5eb1\dsetup32.dll
2010-09-28 02:03:14 141402440 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\wlc81A.tmp
2010-09-28 02:03:07 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2010-09-28 02:00:58 -------- d-----w- C:\Program Files (x86)\Citrix
2010-09-28 01:59:45 -------- d-----w- C:\Intel
2010-09-28 01:59:39 455680 ----a-w- C:\Windows\System32\deployJava1.dll
2010-09-28 01:58:48 423656 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-09-28 01:57:15 -------- d-----w- C:\Program Files\Dell Inc
2010-09-28 01:57:12 -------- d-sh--w- C:\Windows\Installer
2010-09-22 22:10:52 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll

==================== Find3M ====================

2010-09-08 15:17:46 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2010-09-08 15:17:46 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2010-07-29 06:30:34 82944 ----a-w- C:\Windows\SysWow64\iccvid.dll
2010-07-29 02:22:38 161304 ----a-w- C:\Windows\System32\igfxtray.exe
2010-07-29 02:22:36 508952 ----a-w- C:\Windows\System32\igfxsrvc.exe
2010-07-29 02:22:34 415256 ----a-w- C:\Windows\System32\igfxpers.exe
2010-07-29 02:22:32 386584 ----a-w- C:\Windows\System32\hkcmd.exe
2010-07-29 02:22:32 223768 ----a-w- C:\Windows\System32\igfxext.exe
2010-07-29 02:22:30 3156504 ----a-w- C:\Windows\System32\GfxUI.exe
2010-07-29 02:22:28 152600 ----a-w- C:\Windows\System32\difx64.exe
2010-07-29 02:18:58 92672 ----a-w- C:\Windows\System32\igfxCoIn_v2189.dll
2010-07-29 02:10:36 6547968 ----a-w- C:\Windows\System32\igdumd64.dll
2010-07-29 02:08:46 439308 ----a-w- C:\Windows\SysWow64\igcompkrng500.bin
2010-07-29 02:08:46 439308 ----a-w- C:\Windows\System32\igcompkrng500.bin
2010-07-29 02:08:44 92356 ----a-w- C:\Windows\SysWow64\igfcg500m.bin
2010-07-29 02:08:44 92356 ----a-w- C:\Windows\System32\igfcg500m.bin
2010-07-29 02:08:42 982240 ----a-w- C:\Windows\SysWow64\igkrng500.bin
2010-07-29 02:08:42 982240 ----a-w- C:\Windows\System32\igkrng500.bin
2010-07-29 02:02:54 4967424 ----a-w- C:\Windows\SysWow64\igdumd32.dll
2010-07-29 01:58:10 571904 ----a-w- C:\Windows\SysWow64\igdumdx32.dll
2010-07-29 01:55:00 4720128 ----a-w- C:\Windows\System32\igd10umd64.dll
2010-07-29 01:47:56 4411904 ----a-w- C:\Windows\SysWow64\igd10umd32.dll
2010-07-29 01:41:12 15035392 ----a-w- C:\Windows\System32\ig4icd64.dll
2010-07-29 01:32:14 11042304 ----a-w- C:\Windows\SysWow64\ig4icd32.dll
2010-07-29 01:27:58 88064 ----a-w- C:\Windows\System32\igfxrnld.lrc
2010-07-29 01:27:58 87552 ----a-w- C:\Windows\System32\igfxrfin.lrc
2010-07-29 01:27:58 87552 ----a-w- C:\Windows\System32\igfxrcsy.lrc
2010-07-29 01:27:58 87040 ----a-w- C:\Windows\System32\igfxrdan.lrc
2010-07-29 01:27:58 83968 ----a-w- C:\Windows\System32\igfxrcht.lrc
2010-07-29 01:27:56 86528 ----a-w- C:\Windows\System32\igfxrara.lrc
2010-07-29 01:27:56 83968 ----a-w- C:\Windows\System32\igfxrchs.lrc
2010-07-29 01:27:54 122368 ----a-w- C:\Windows\System32\igfxcpl.cpl
2010-07-29 01:27:34 380416 ----a-w- C:\Windows\System32\igfxTMM.dll
2010-07-29 01:27:26 27648 ----a-w- C:\Windows\System32\igfxexps.dll
2010-07-29 01:27:26 243200 ----a-w- C:\Windows\System32\igfxpph.dll
2010-07-29 01:27:02 61952 ----a-w- C:\Windows\System32\igfxsrvc.dll
2010-07-29 01:26:30 108032 ----a-w- C:\Windows\System32\hccutils.dll
2010-07-29 01:26:20 4096 ----a-w- C:\Windows\System32\IGFXDEVLib.dll
2010-07-29 01:26:20 271360 ----a-w- C:\Windows\System32\igfxdev.dll
2010-07-29 01:26:20 119808 ----a-w- C:\Windows\System32\gfxSrvc.dll
2010-07-29 01:25:48 87552 ----a-w- C:\Windows\System32\igfxrenu.lrc
2010-07-29 01:25:44 830464 ----a-w- C:\Windows\System32\igfxress.dll
2010-07-29 01:25:44 142336 ----a-w- C:\Windows\System32\igfxdo.dll
2010-07-29 01:22:00 23552 ----a-w- C:\Windows\SysWow64\igfxexps32.dll
2010-07-29 01:20:54 228864 ----a-w- C:\Windows\SysWow64\igfxdv32.dll
2010-07-29 01:14:38 208896 ----a-w- C:\Windows\SysWow64\iglhsip32.dll
2010-07-29 01:14:38 205824 ----a-w- C:\Windows\System32\iglhsip64.dll
2010-07-29 01:14:38 187392 ----a-w- C:\Windows\System32\iglhcp64.dll
2010-07-29 01:14:38 143360 ----a-w- C:\Windows\SysWow64\iglhcp32.dll
2010-07-27 22:55:50 95520 ----a-w- C:\Windows\System32\dnssd.dll
2010-07-27 22:55:50 69408 ----a-w- C:\Windows\System32\jdns_sd.dll
2010-07-27 22:55:50 237856 ----a-w- C:\Windows\System32\dnssdX.dll
2010-07-27 22:55:50 119584 ----a-w- C:\Windows\System32\dns-sd.exe
2010-07-27 22:44:10 91424 ----a-w- C:\Windows\SysWow64\dnssd.dll
2010-07-27 22:44:10 75040 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2010-07-27 22:44:10 197920 ----a-w- C:\Windows\SysWow64\dnssdX.dll
2010-07-27 22:44:10 107808 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2010-07-27 13:14:12 539232 ----a-w- C:\Windows\SysWow64\LVUI2RC.dll
2010-07-27 13:14:00 543328 ----a-w- C:\Windows\SysWow64\LVUI2.dll
2010-07-27 13:13:50 559712 ----a-w- C:\Windows\System32\LVUIRC64.dll
2010-07-27 13:13:04 771168 ----a-w- C:\Windows\System32\LVUI64.dll
2010-07-27 13:08:58 269408 ----a-w- C:\Windows\System32\lvco1311021.dll
2010-07-27 13:08:22 398432 ----a-w- C:\Windows\System32\lvcod64.dll
2010-07-27 13:07:56 416352 ----a-w- C:\Windows\SysWow64\lvcodec2.dll
2010-07-27 13:03:20 10829656 ----a-w- C:\Windows\SysWow64\LogiDPP.dll
2010-07-27 13:03:20 10829656 ----a-w- C:\Windows\System32\LogiDPP.dll
2010-07-27 13:03:20 102744 ----a-w- C:\Windows\SysWow64\LogiDPPApp.exe
2010-07-27 13:03:20 102744 ----a-w- C:\Windows\System32\LogiDPPApp.exe
2010-07-27 13:03:18 290648 ----a-w- C:\Windows\SysWow64\DevManagerCore.dll
2010-07-27 13:03:18 290648 ----a-w- C:\Windows\System32\DevManagerCore.dll
2010-07-27 12:55:50 37518 ----a-w- C:\Windows\System32\Repository.reg

============= FINISH: 17:34:44.94 ===============





Posted 10/11/2010 4:47 AM
#89421

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
Hello wz

Using Internet Explorer or Firefox, visit: https://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html

Click Accept, when prompted to download and install the program files and database of malware definitions.

To optimize scanning time and produce a more sensible report for review:

· Close any open programs

Click Run at the Security prompt.

The program will then begin downloading and installing and will also update the database.

Please be patient as this can take quite a long time to download.

Once the update is complete, click on Settings.

Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:

· Spyware, adware, dialers, and other riskware

· Archives

· E-mail databases

Click on My Computer under the green Scan bar to the left to start the scan.

· Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. I only require a report from it.

· Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.

Click View report... at the bottom.

Click the Save report... button.

Change the Files of type dropdown box to Text file (.txt) and name the file KasReport.txt to save the file to your desktop so that you may post it in your next reply.

Please post the Kaspersky log in your next post.







Do not PM me with logfiles. They will be deleted.


Posted 10/11/2010 8:28 PM
#89438

wz Valued member

Date Joined Nov 2016
Total Posts: 17
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Monday, October 11, 2010
Operating system: Microsoft (build 7600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Sunday, October 10, 2010 19:25:08
Records in database: 4203759
--------------------------------------------------------------------------------
Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\

Scan statistics:
Objects scanned: 374278
Threats found: 0
Infected objects found: 0
Suspicious objects found: 0
Scan duration: 04:02:29

No threats found. Scanned area is clean.

Selected area has been scanned.
Posted 10/12/2010 7:31 AM
#89449

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
How are things running now?

Do not PM me with logfiles. They will be deleted.


Posted 10/12/2010 1:34 PM
#89459

wz Valued member

Date Joined Nov 2016
Total Posts: 17
I'm sorry, I do not know what I did wrong. I added the Kaspersky log as requested.
Posted 10/13/2010 4:36 AM
#89483

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
Yes, I've noticed, that's why I asked - How are things running now?

Do not PM me with logfiles. They will be deleted.


Posted 10/13/2010 2:36 PM
#89493

wz Valued member

Date Joined Nov 2016
Total Posts: 17
Sorry for the last post. I am still getting redirected. The virus sends me to various sites like the one listed below. It does not do it every time, but often enough to be very annoying.
https://drvtrf.com/?to=con&from=c1&type=www.app.com:
Posted 10/13/2010 2:58 PM
#89494

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
Ok.

Please run: https://www.superantispyware.com/onlinescan.html

Follow the instructions on the site. When downloaded, click on the Check for updates button.

Under Configuration and Preferences, click the Preferences button.
Click the Scanning Control tab.
Under Scanner Options make sure the following are checked:

Close browsers before scanning
Scan for tracking cookies
Terminate memory threats before quarantining.
Ignore System Restore/Volume Information on ME and XP
Please leave the others unchecked.

On the main screen, under Scan for Harmful Software click Scan your computer.
On the left check C:\Fixed Drive.
On the right, under Complete Scan, choose Perform Complete Scan.
Click Next to start the scan. Please be patient while it scans your computer.
After the scan is complete a summary box will appear. Click OK.
Make sure everything in the white box has a check next to it, then click Next.
It will quarantine what it found and if it asks if you want to reboot, click NO.

When the scan has finished:

Click Preferences. Click the Statistics/Logs tab.
Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
It will open in your default text editor (such as Notepad/Wordpad).

· Save the logfile to desktop

· Click close and close again to exit the program.

Reboot, if needed.

Post the SUPERAntiSpyware log in your next reply.

Do not PM me with logfiles. They will be deleted.


Posted 10/13/2010 11:26 PM
#89496

wz Valued member

Date Joined Nov 2016
Total Posts: 17
I had to download the program to run.
I think I will also run the program for the external E: drive. This is where the virus/malware came from to begin with.



SUPERAntiSpyware Scan Log
https://www.superantispyware.com

Generated 10/13/2010 at 06:37 PM

Application Version : 4.44.1000

Core Rules Database Version : 5679
Trace Rules Database Version: 3491

Scan type : Complete Scan
Total Scan Time : 00:50:27

Memory items scanned : 571
Memory threats detected : 0
Registry items scanned : 13209
Registry threats detected : 0
File items scanned : 131599
File threats detected : 1

Adware.Tracking Cookie
C:\Users\Zambor\AppData\Roaming\Microsoft\Windows\Cookies\Low\zambor@richmedia.yahoo[1].txt
Posted 10/14/2010 1:43 PM
#89503

wz Valued member

Date Joined Nov 2016
Total Posts: 17
The external drive was ok, but I am still getting redirected.
Posted 10/18/2010 5:02 PM
#89556

wz Valued member

Date Joined Nov 2016
Total Posts: 17
Please help with the next step.
Posted 10/19/2010 2:52 AM
#89572

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
Click https://www.gmer.net/download.php and download the installer for Gmer to your desktop, then click that file to run Gmer.

If on its opening scan Gmer locates items shown in red or indicates "hidden" or "rootkit", stop there, and click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste. Copy the information and post it here please. We don't want any crashes just from taking an initial look at things.

If not, then click on Scan (before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste. Copy the information and post it here please.


You can break logs into parts and use separate posts here when replying and posting the log files, if needed.


Do not PM me with logfiles. They will be deleted.


Posted 10/19/2010 2:42 PM
#89583

wz Valued member

Date Joined Nov 2016
Total Posts: 17
The program said no changes to my system were made, so there is no report to copy.