A day and a half, and still no relief.

OK, I have been malware free since the fixing (Thanks Again for that!), but there is a residual weirdness.

Whenever I click on a link in an email, I get a dialog box to find a file (the built-in XP file interface box, with folders, and a bar on the left with My Recent Docs, Desktop, My Docs, My Computer, etc.) The dialog is titled "Locate Link Browser." After the dialog appears, the browser will open the page.

This only happens if my default browser (Firefox) is not already open. If it is, the link opens properly.

If I click on a link out of an MS Office Word Doc, I don't get the dialog - instead, I get TWO instances of Firefox opening the web page.

My guess is that my associations are screwed up, or that there's some residual extra entry which used to fire off some sort of malware process. The process is gone, but my registry remains funky.

Does this sound familiar? Like a known side affect of one of my former afflications?

Thanks again for all the help along the way.
 
Also, from within an emai (using Outlook for email, by the way)l, I can't right-click and copy a link. When I right-click, I get the wrong context menu - I get:

Cut
Copy
Paste
Clear
-----
Select All
-----
Look up...
Translate


Only the bottom three are enabled; top four are greyed out.

Any ideas?
 
Hi

Let's check some file associations:

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
  1. Close all applications and windows.
  2. Double-click on dss.exe to run it, and follow the prompts.
  3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<-this one will be minimized
  4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt to your post. in your reply
 
main.txt, part 1

Deckard's System Scanner v20070611.50
Run by ******* on 2007-06-22 at 10:53:00
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2007-06-22 14:53:02 UTC - RP1 - System Checkpoint


Backed up registry hives.

Performed disk cleanup.


-- HijackThis (run as ejiskra.exe) ---------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 10:53:58 AM, on 6/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
C:\WINDOWS\TEMP\QL60E7.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\THINKV~1\AMSG\amsg.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Documents and Settings\ejiskra\Desktop\dss.exe
C:\PROGRA~1\HIJACK~1\ejiskra.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [AMSG] C:\PROGRA~1\THINKV~1\AMSG\amsg.exe
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [PDService.exe] "C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe"
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: System Update - {DA320635-F48C-4613-8325-D75A933C549E} - C:\Program Files\Lenovo\System Update\sulauncher.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted IP range: http://207.3.148.230
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://10.160.200.200:4343/officescan/console/ClientInstall/WinNTChk.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupINICtrl Class) - https://10.160.200.200:4343/officescan/console/ClientInstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://10.160.200.200:4343/officescan/console/ClientInstall/setup.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - https://10.160.200.200:4343/officescan/console/html/AtxEnc.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - https://10.160.200.200:4343/officescan/console/ClientInstall/RemoveCtrl.cab
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.com/pc/support/IbmEgath.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://emcsoftwaregroup.webex.com/client/T25L/webex/ieatgpc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = cainbrothers.com
O17 - HKLM\Software\..\Telephony: DomainName = cainbrothers.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = cainbrothers.com
O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe


-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 EGATHDRV (IBM eGatherer) - c:\windows\system32\egathdrv.sys <Not Verified; IBM Corporation; IBM eGatherer>
R2 pmem - c:\windows\system32\drivers\pmemnt.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
R2 PrivateDisk - c:\program files\lenovo\safeguard privatedisk\privatediskm.sys <Not Verified; Utimaco Safeware AG; SafeGuard PrivateDisk>
R2 PROCDD (IPS Helper Driver) - c:\windows\system32\drivers\procdd.sys <Not Verified; Lenovo Group Limited; Away Manager>
R2 smi2 - c:\program files\smi2\smi2.sys <Not Verified; IBM Corp.; TVT SMI Bios driver>
R2 tvtfilter - c:\windows\system32\drivers\tvtfilter.sys <Not Verified; Lenovo; Rescue and Recovery>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Diskeeper - "c:\program files\diskeeper corporation\diskeeper\dkservice.exe" <Not Verified; Diskeeper Corporation; Diskeeper (TM) Disk Defragmenter>
R2 IPSSVC (IPS Core Service) - c:\windows\system32\ipssvc.exe <Not Verified; Lenovo Group Limited; Away Manager>
R2 ntrtscan (OfficeScanNT RealTime Scan) - "c:\program files\trend micro\officescan client\ntrtscan.exe" <Not Verified; Trend Micro Inc.; Trend Micro OfficeScan>
R2 OfcPfwSvc (OfficeScanNT Personal Firewall) - "c:\program files\trend micro\officescan client\ofcpfwsvc.exe" <Not Verified; Trend Micro Inc.; Trend Micro OfficeScan>
R2 SUService (System Update) - c:\program files\lenovo\system update\suservice.exe <Not Verified; Lenovo Group Limited; ThinkVantage System Update Service>
R2 tmlisten (OfficeScanNT Listener) - "c:\program files\trend micro\officescan client\tmlisten.exe" <Not Verified; Trend Micro Inc.; Trend Micro OfficeScan>
R2 TVT Scheduler - "c:\program files\common files\lenovo\scheduler\tvtsched.exe" <Not Verified; Lenovo Group Limited; tvtsched Module>
R2 tvtnetwk - c:\program files\lenovo\rescue and recovery\adm\iuservice.exe

S3 PsaSrv (IBM PSA Access Driver Control) - c:\windows\system32\psasrv.exe (file missing)
 
main.txt, part 2

-- Scheduled Tasks -------------------------------------------------------------

2007-06-22 10:01:00 266 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job


-- Files created between 2007-05-22 and 2007-06-22 -----------------------------

2007-06-18 15:23:44 0 d-------- C:\Program Files\Java
2007-06-18 15:23:40 0 d-------- C:\Program Files\Common Files\Java
2007-06-14 09:45:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-06-11 13:21:08 0 d-------- C:\!KillBox
2007-06-11 11:48:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-06-11 11:48:27 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-06-07 16:50:18 0 d-------- C:\HJT
2007-06-06 18:06:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2007-06-06 11:28:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-06-06 11:15:16 0 d-------- C:\Documents and Settings\ejiskra\Application Data\Lavasoft
2007-06-06 11:14:28 0 d-------- C:\Program Files\Lavasoft
2007-06-06 11:13:45 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-06-05 21:43:06 0 d-------- C:\Documents and Settings\ejiskra\Application Data\Grisoft
2007-05-27 18:55:08 0 d-------- C:\Documents and Settings\ejiskra\Application Data\ICAClient
2007-05-27 18:54:35 0 d-------- C:\WINDOWS\system32\Resource
2007-05-27 18:54:32 0 d-------- C:\Program Files\Citrix
2007-05-25 10:55:36 0 d-------- C:\Documents and Settings\ejiskra\Application Data\Google
2007-05-25 10:55:28 0 d-------- C:\Program Files\Google
2007-05-25 10:33:29 0 d-------- C:\Documents and Settings\ejiskra\Application Data\InterVideo
2007-05-23 18:17:29 0 d-------- C:\Program Files\MSECache
2007-05-23 18:01:07 0 d-------- C:\WINDOWS\Sun
2007-05-23 18:01:07 0 d-------- C:\Documents and Settings\ejiskra\Application Data\Sun
2007-05-23 12:21:20 0 d-------- C:\Documents and Settings\ejiskra\Application Data\Viewpoint
2007-05-22 18:05:40 0 d-------- C:\Program Files\Support.com
2007-05-22 18:05:39 0 d-------- C:\Program Files\IBM
2007-05-22 15:30:49 0 d-------- C:\Ganked from Hera
2007-05-22 15:26:24 0 d-------- C:\Documents and Settings\ejiskra\Share


-- Find3M Report ---------------------------------------------------------------

2007-06-18 15:24:05 1286 --a------ C:\WINDOWS\mozver.dat
2007-06-16 23:59:59 5427 --a------ C:\WINDOWS\system32\EGATHDRV.SYS <Not Verified; IBM Corporation; IBM eGatherer>
2007-06-14 15:11:08 0 d-------- C:\Program Files\Foxit Software
2007-05-22 15:19:31 0 d-------- C:\Documents and Settings\ejiskra\Application Data\Lenovo
2007-05-21 14:10:42 0 d-------- C:\Documents and Settings\ejiskra\Application Data\Brightmail
2007-05-21 14:10:03 0 d-------- C:\Program Files\Symantec
2007-05-18 11:07:10 0 d-------- C:\Program Files\Viewpoint
2007-05-18 10:12:39 0 d-------- C:\Documents and Settings\ejiskra\Application Data\webex
2007-05-18 10:12:26 200263 --a------ C:\WINDOWS\system32\atasnt40.dll <Not Verified; WebEx Communications, Inc; WebEx Application Sharing>
2007-05-17 18:07:36 0 d-------- C:\Documents and Settings\ejiskra\Application Data\Macromedia
2007-05-17 17:26:47 0 d-------- C:\Documents and Settings\ejiskra\Application Data\Aim
2007-05-17 17:26:44 0 d-------- C:\Program Files\AIM
2007-05-17 17:26:40 0 d-------- C:\Program Files\AOD
2007-05-17 17:17:26 0 d-------- C:\Documents and Settings\ejiskra\Application Data\Mozilla
2007-05-17 13:56:53 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-05-17 13:55:29 0 d-------- C:\Program Files\Symantec Client Security
2007-05-17 13:54:47 40 --a------ C:\WINDOWS\system32\profile.dat
2007-05-17 13:52:10 0 d-------- C:\Program Files\Lenovo
2007-05-17 13:22:30 0 --a------ C:\WINDOWS\nsreg.dat
2007-05-17 13:13:23 0 d-------- C:\Program Files\Trend Micro
2007-05-17 12:54:52 0 d-------- C:\Program Files\Messenger
2007-05-17 12:48:52 0 d-------- C:\Program Files\Microsoft Works
2007-05-17 12:35:28 0 d-------- C:\Program Files\Common Files\L&H
2007-05-17 12:35:21 0 d-------- C:\Program Files\Microsoft ActiveSync
2007-05-17 12:34:50 0 d-------- C:\Program Files\Microsoft.NET
2007-05-14 21:03:25 0 d-------- C:\Program Files\Windows Live Toolbar
2007-04-27 12:49:55 0 d-------- C:\Documents and Settings\ejiskra\Application Data\ThinkVantage
2007-04-27 12:44:50 0 d-------- C:\Program Files\Common Files\Lenovo
2007-04-27 12:43:55 0 d-------- C:\Program Files\SMI2
2007-04-27 12:43:53 0 d-------- C:\Program Files\TVT SMBus
2007-04-27 12:43:20 0 d-------- C:\Program Files\Diskeeper Corporation
2007-04-27 12:38:37 0 d-------- C:\Documents and Settings\ejiskra\Application Data\Symantec
2007-04-27 12:36:48 0 d-------- C:\Program Files\PCDR5
2007-04-27 12:36:29 0 d-------- C:\Program Files\Sonic Icons for Lenovo
2007-04-27 12:36:27 0 d-------- C:\Program Files\Multimedia Center for Think Offerings
2007-04-27 12:36:27 0 d-------- C:\Program Files\Common Files\InstallShield
2007-04-27 12:36:26 0 d-------- C:\Program Files\Common Files\SureThing Shared
2007-04-27 12:36:25 0 d-------- C:\Program Files\Sonic
2007-04-27 12:36:20 0 d-------- C:\Program Files\Common Files\Sonic Shared
2007-04-27 12:35:54 0 d-------- C:\Program Files\ThinkVantage
2007-04-27 12:35:54 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-04-27 12:35:40 0 d-------- C:\Program Files\InterVideo
2007-04-27 12:30:48 0 d-------- C:\Program Files\Analog Devices
2007-04-27 12:30:38 0 d-------- C:\Program Files\Intel
2007-04-27 12:30:36 0 d-------- C:\Program Files\ThinkCentre
2007-04-27 12:30:34 0 d-------- C:\Program Files\MSXML 4.0
2007-04-27 12:26:26 0 d-------- C:\Program Files\Windows Media Connect 2
2007-04-27 12:11:42 0 d--h----- C:\Program Files\WindowsUpdate
2007-04-27 12:11:41 0 d-------- C:\Program Files\Windows NT
2007-04-27 12:11:40 0 d-------- C:\Program Files\Online Services
2007-04-27 12:11:38 0 d-------- C:\Program Files\MSN Gaming Zone
2007-04-27 12:11:34 0 d-------- C:\Program Files\Movie Maker
2007-04-27 12:11:34 0 d-------- C:\Program Files\microsoft frontpage
2007-04-27 12:11:31 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-04-27 12:11:31 0 d-------- C:\Program Files\Common Files\ODBC
2007-04-27 12:11:31 0 d-------- C:\Program Files\Common Files\MSSoap
2007-04-27 12:11:20 0 d-------- C:\Documents and Settings\ejiskra\Application Data\Identities


-- Registry Dump ---------------------------------------------------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{53707962-6F74-2D53-2644-206D7942484F} C:\PROGRA~1\SPYBOT~1\SDHelper.dll
{5CA3D70E-1895-11CF-8E15-001234567890} C:\WINDOWS\System32\DLA\DLASHX_W.DLL
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program files\google\googletoolbar1.dll
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} C:\Program Files\Windows Live Toolbar\msntb.dll
{F040E541-A427-4CF7-85D8-75E3E0F476C5} C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe"
"Mouse Suite 98 Daemon"="ICO.EXE"
"AMSG"="C:\\PROGRA~1\\THINKV~1\\AMSG\\amsg.exe"
"LPManager"="C:\\PROGRA~1\\THINKV~1\\PrdCtr\\LPMGR.exe"
"DLA"="C:\\WINDOWS\\System32\\DLA\\DLACTRLW.EXE"
"ISUSPM Startup"="C:\\PROGRA~1\\COMMON~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup"
"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"AwaySch"="C:\\Program Files\\Lenovo\\AwayTask\\AwaySch.EXE"
"TVT Scheduler Proxy"="C:\\Program Files\\Common Files\\Lenovo\\Scheduler\\scheduler_proxy.exe"
"DiskeeperSystray"="\"C:\\Program Files\\Diskeeper Corporation\\Diskeeper\\DkIcon.exe\""
"PDService.exe"="\"C:\\Program Files\\Lenovo\\SafeGuard PrivateDisk\\pdservice.exe\""
"cssauth"="\"C:\\Program Files\\Lenovo\\Client Security Solution\\cssauth.exe\" silent"
"OfficeScanNT Monitor"="\"C:\\Program Files\\Trend Micro\\OfficeScan Client\\pccntmon.exe\" -HideWindow"
"IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
"Persistence"="C:\\WINDOWS\\system32\\igfxpers.exe"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{8D7E4555-1237-4DEA-BF40-1977FCA588E1}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AwayNotify

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0



-- End of Deckard's System Scanner: finished at 2007-06-22 at 10:54:18 ---------
 
extra.txt

Deckard's System Scanner v20070611.50
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz
CPU 1: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz
Percentage of Memory in Use: 25%
Physical Memory (total/avail): 2029.91 MiB / 1521.19 MiB
Pagefile Memory (total/avail): 5969.01 MiB / 5592.79 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1960.02 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 70.48 GiB total, 54.1 GiB free.
D: is CDROM (No Media)
E: is Fixed (FAT32) - 232.83 GiB total, 147.95 GiB free.


-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.


[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\DOCUME~1\\ejiskra\\LOCALS~1\\Temp\\winFC.tmp.exe"="C:\\DOCUME~1\\ejiskra\\LOCALS~1\\Temp\\winFC.tmp.exe:*:Enabled:winFC.tmp"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\ejiskra\Application Data
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=EISKRA-M55P
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\ejiskra
LOGONSERVER=\\HERA
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Diskeeper Corporation\Diskeeper\;C:\Program Files\Common Files\Lenovo;C:\Program Files\Lenovo\Client Security Solution
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f06
ProgramFiles=C:\Program Files
PROMPT=$P$G
RR=C:\Program Files\Lenovo\Rescue and Recovery
SESSIONNAME=Console
SMA=C:\Program Files\ThinkVantage\SMA\
SonicCentral=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
SWSHARE=C:\SWSHARE
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ejiskra\LOCALS~1\Temp
TMP=C:\DOCUME~1\ejiskra\LOCALS~1\Temp
TVT=C:\Program Files\Lenovo
TVTCOMMON=C:\Program Files\Common Files\Lenovo
TVTPYDIR=C:\Program Files\Common Files\Lenovo\Python24
USERDNSDOMAIN=CAINBROTHERS.COM
USERDOMAIN=NEW_YORK2
USERNAME=ejiskra
USERPROFILE=C:\Documents and Settings\ejiskra
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

ny2admin (admin)
ejiskra (admin)
LENOVO USER (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Access Help --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6FA39A7-26B1-480A-BC74-6D17531AC222}\Setup.exe" -l0x9 UNINSTALL
Ad-Aware SE Personal --> MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
Atmel TPM Driver Installer 3.0.3.15 --> MsiExec.exe /X{BBD6BA59-4593-43CC-BBC8-8E53D354AEA4}
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Client Security Solution --> MsiExec.exe /I{48227AEB-DC8E-4A90-A274-0B4A39D699B1}
Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Diskeeper Lite --> MsiExec.exe /X{796E076A-82F7-4D49-98C8-DEC0C3BC733A}
Foxit PDF Editor --> C:\Program Files\Foxit Software\PDF Editor\uninstall.exe
Foxit Reader --> C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Help Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{986F64DC-FF15-449D-998F-EE3BCEC6666A}\Setup.exe" -l0x9 -AddRemove
High Definition Audio Driver Package - KB888111 -->
Intel(R) Graphics Media Accelerator Driver --> C:\WINDOWS\system32\igxpun.exe -uninstall
Intel(R) PRO Network Connections Drivers --> Prounstl.exe
InterVideo WinDVD --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Kaspersky Online Scanner --> C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
Message Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}\Setup.exe" -l0x9 -AddRemove
MetaFrame Presentation Server Web Client for Win32 --> C:\WINDOWS\system32\ctxsetup.exe /uninst C:\PROGRA~1\Citrix\icaweb32\uninst.inf
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Mozilla Firefox (2.0.0.4) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
PC-Doctor 5 for Windows --> C:\Program Files\PCDR5\uninst.exe
Productivity Center Supplement for ThinkCentre --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D728E945-256D-4477-B377-6BBA693714AC}\SETUP.EXE" -l0x9 -AddRemove
RecordNow Audio --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
RecordNow Copy --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
RecordNow Data --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Remove Multimedia Center --> C:\swtools\apps\MMCfTO\customiz\sequencer.exe -fc:\swtools\apps\MMCfTO\customiz\uninst.seq
Rescue and Recovery --> MsiExec.exe /I{7726CF62-7B45-4E6D-9266-615346816BCA}
Rescue and Recovery Critical Patch for Windows Update (KB917422) --> MsiExec.exe /X{83E5061B-A69A-46AD-A780-1DA6569FF283}
Security Update for Step By Step Interactive Training (KB898458) -->
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic Icons for Lenovo --> MsiExec.exe /I{B334D9AE-1393-423E-97C0-3BDC3360E692}
Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x9 -removeonly
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Symantec Spam Plug-in for Outlook --> MsiExec.exe /X{16B1B64C-3C4A-4113-9FF3-535502F08B71}
System Migration Assistant --> MsiExec.exe /X{9D22599D-E1F4-4934-8B4D-2BBA46662251}
System Update --> MsiExec.exe /X{8675339C-128C-44DD-83BF-0A5D6ABD8297}
ThinkVantage Away Manager --> Rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\AWAYTASK.INF
ThinkVantage Productivity Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}\SETUP.EXE" -l0x9 -AddRemove
ThinkVantage System Update Toolbar Button for IE --> MsiExec.exe /I{DA320635-F48C-4613-8325-D75A933C549E}
ThinkVantage Technologies Welcome Message --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1007F41F-7D69-468E-8017-3849A5A973C2}\SETUP.EXE" -l0x9 anything
Trend Micro OfficeScan Client --> "C:\Program Files\Trend Micro\OfficeScan Client\ntrmv.exe"
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Wallpapers --> MsiExec.exe /I{F386C340-DF4B-4BBA-9503-420FB7EDB395}
WebEx --> C:\WINDOWS\DOWNLO~1\atcliun.exe
Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {C6876FE6-A314-4628-B0D7-F3EE5E35C4B4}
Windows Live Toolbar --> MsiExec.exe /X{C6876FE6-A314-4628-B0D7-F3EE5E35C4B4}
Windows Media Connect --> "C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
XP Themes --> MsiExec.exe /I{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}


-- End of Deckard's System Scanner: finished at 2007-06-22 at 10:54:18 ---------
 
Hi

"-- File Associations -----------------------------------------------------------

All associations okay."

So I think that I can't help with that issue. However, I can redirect to some other forum if you like to.

One registry fix is needed, though:

First we'll need to backup registry:

Start -> Run -> regedit -> ok. Then File -> Export. Give it a name and press Save.

Save text below as fix.reg on Notepad (save it as all files (*.*)) on Desktop

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\DOCUME~1\\ejiskra\\LOCALS~1\\Temp\\winFC.tmp.exe"=-

It should look like this ->
reg.gif


Doubleclick fix.reg, press Yes and ok.

(In case you are unsure how to create a reg file, take a look here with screenshots.)
 
Last edited:
Thank; I applied this reg fix.

Any suggestions for a good forums to sort this out would be welcome.

I've tried uninstalling/reinstall Firefox. Might try doing the same with IE...
 
You must log in or register to reply here.
Back
Top