20-Jun-2012, 09:55 PM
#1
TR/ATRAPS.Gen2, TR/Sirefef.AG.35, TR/Small.FI infection

Yesterday, I was browsing the internet when my Avira started saying it caught 2 viruses or unwanted programs:

TR/ATRAPS.Gen2
TR/Sirefef.AG.35

I told Avira to remove it, then the same warning popped up. Did it again. Eventually, I had to restart my computer because of Avira's scans after removing it; I had 4 scans going that were hung. The warning popped up again post-restart. I clicked "Details", switched the action to "Delete" for both, and the warning still popped up again afterwards. Now my internet seems to take a few seconds to load pages.

I had Avira run a "quick" scan (it took over 50 minutes) to root out this problem for real, but it was to no avail. I wasn't browsing any "risque" content; I was just on Digg and Cracked. I'm assuming this is because of a Java breach or something. Near the end of the Avira quick scan, this popped up:

TR/Small.FI

The scan was over, and the warnings were still popping up. The only way I can keep them at bay now is to hit "Details" and just not reply to them at all. That has to be a bad tactic. I'm hoping you guys can help me here. I'm reading of manual fixes to this on Google, but they require me to delete things from the registry, and I don't like messing with the registry.

Computer info (in case it's important):
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz, x86 Family 15 Model 4 Stepping 1
Processor Count: 2
RAM: 3062 Mb
Graphics Card: Intel(R) 82915G/GV/910GL Express Chipset Family, 128 Mb
Hard Drives: C: Total - 35055 MB, Free - 11819 MB; D: Total - 305242 MB, Free - 155532 MB;
Motherboard: Dell Inc. , 0M3918, , ..CN708214B5049M.
Antivirus: Avira Desktop, Updated: Yes, On-Demand Scanner: Enabled

HijackThis Log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:01:10 PM, on 6/20/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Everything\Everything.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Documents and Settings\Daniel Hopkins\Application Data\WMPRWISE.EXE
C:\Program Files\Belvedere\Belvedere.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\AutoHotkey\AutoHotkey.exe
C:\Program Files\stickies\stickies.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Microsoft SQL Server\MSSQL10_50.MYSERVER\MSSQL\Binn\sqlservr.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files\avira\antivir desktop\avscan.exe
c:\program files\avira\antivir desktop\avscan.exe
c:\program files\avira\antivir desktop\avscan.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir Desktop\avnotify.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Daniel Hopkins\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Everything] "C:\Program Files\Everything\Everything.exe" -startup
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Microsoft Firewall 2.9] C:\Documents and Settings\Daniel Hopkins\Application Data\WMPRWISE.EXE
O4 - Startup: Stickies.lnk = C:\Program Files\stickies\stickies.exe
O4 - Global Startup: Belvedere.lnk = C:\Program Files\Belvedere\Belvedere.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe
O4 - Global Startup: Shortcut to Main Script.ahk.lnk = D:\Shared Media\Programming\Scripts\Main Script.ahk
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Download with Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1278876020469
O16 - DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} (WebBrowserType Class) - https://pattcw.att.motive.com/wizlet...tInstaller.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe

--
End of file - 9638 bytes

DDS.txt:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 10.5.1
Run by Daniel Hopkins at 19:01:47 on 2012-06-20
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3062.1589 [GMT -4:00]
.
AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Everything\Everything.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Documents and Settings\Daniel Hopkins\Application Data\WMPRWISE.EXE
C:\Program Files\Belvedere\Belvedere.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\AutoHotkey\AutoHotkey.exe
C:\Program Files\stickies\stickies.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Microsoft SQL Server\MSSQL10_50.MYSERVER\MSSQL\Binn\sqlservr.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files\avira\antivir desktop\avscan.exe
c:\program files\avira\antivir desktop\avscan.exe
c:\program files\avira\antivir desktop\avscan.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir Desktop\avnotify.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Documents and Settings\Daniel Hopkins\Desktop\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.att.net
uInternet Settings,ProxyOverride = *.local
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {dda57003-0068-4ed2-9d32-4d1ec707d94d} - c:\program files\microsoft visual studio 10.0\common7\ide\privateassemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: Web Test Recorder 10.0: {5802d092-1784-4908-8cdb-99b6842d353d} - mscoree.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [Microsoft Firewall 2.9] c:\documents and settings\daniel hopkins\application data\WMPRWISE.EXE
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [Everything] "c:\program files\everything\Everything.exe" -startup
mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\daniel~1\startm~1\programs\startup\stickies.lnk - c:\program files\stickies\stickies.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\belved~1.lnk - c:\program files\belvedere\Belvedere.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\launchy.lnk - c:\program files\launchy\Launchy.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\shortc~1.lnk - d:\shared media\programming\scripts\Main Script.ahk
IE: Download with GetRight - c:\program files\getright\GRdownload.htm
IE: Download with Mipony - file://c:\program files\mipony\browser\IEContext.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Open with GetRight Browser - c:\program files\getright\GRbrowse.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1278876020469
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} - hxxps://pattcw.att.motive.com/wizlet/DSLActivation/static/installer/ATTInternetInstaller.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{35D46BEB-D142-466D-A91E-CD77E9FC6269} : DhcpNameServer = 192.168.1.254
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Notify: igfxcui - igfxdev.dll
STS: FencesShlExt Class: {1984dd45-52cf-49cd-ab77-18f378fea264} - c:\program files\stardock\fences\FencesMenu.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\daniel hopkins\application data\mozilla\firefox\profiles\ulvsjgjp.default\
FF - prefs.js: browser.search.selectedEngine - Amazon.com
FF - prefs.js: browser.startup.homepage - hxxp://us.f804.mail.yahoo.com/ym/ShowFolder?rb=Inbox&reset=1&YY=15471&y5beta=yes&y5beta=yes&inc=200&order=down&sort=date&pos=0&view=a&head=b&box=%40B%40Bulk | mail.umflint.edu | https://mail.google.com/mail/?shva=1#inbox | http://www.scholarshipexperts.com/showLogin.htx
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\program files\common files\motive\npMotive.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\3.0.40818.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_257.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.zencast -
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2011-10-20 36000]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-10-20 86224]
R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2011-10-20 110032]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-10-20 83392]
R2 MSSQL$MYSERVER;SQL Server (MYSERVER);c:\program files\microsoft sql server\mssql10_50.myserver\mssql\binn\sqlservr.exe [2010-4-3 42884448]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-10-14 994360]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-7-5 136176]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-8-16 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-8-16 8456]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-7-5 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-4 113120]
S3 SliceDisk5;SliceDisk5;c:\program files\a-ff find and mount\slicedisk.sys [2011-8-14 26192]
S3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\microsoft visual studio 10.0\team tools\performance tools\VSPerfDrv100.sys [2009-12-8 48128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2010-4-3 44896]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [2009-3-30 239336]
S4 RsFx0150;RsFx0150 Driver;c:\windows\system32\drivers\RsFx0150.sys [2010-4-3 240608]
S4 SQLAgent$MYSERVER;SQL Server Agent (MYSERVER);c:\program files\microsoft sql server\mssql10_50.myserver\mssql\binn\SQLAGENT.EXE [2010-4-3 367456]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2009-3-30 366936]
.
=============== Created Last 30 ================
.
2012-06-19 23:44:55 711240 ----a-w- c:\windows\isRS-000.tmp
2012-06-19 22:24:55 55808 ---h--w- c:\documents and settings\daniel hopkins\application data\ntuser.dat
2012-06-19 22:20:56 -------- d-----w- c:\program files\Oracle
2012-06-19 21:59:45 172544 ---h--w- c:\documents and settings\daniel hopkins\application data\WMPRWISE.EXE
2012-06-18 04:58:41 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
2012-06-18 04:58:41 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
2012-06-08 01:51:09 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-06-08 01:51:09 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2012-06-08 01:49:20 -------- d-----w- c:\program files\iPod
2012-06-08 01:49:16 -------- d-----w- c:\program files\iTunes
2012-06-08 01:49:16 -------- d-----w- c:\documents and settings\all users\application data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2012-06-08 01:48:14 -------- d-----w- c:\documents and settings\daniel hopkins\local settings\application data\Apple
2012-06-08 01:47:13 -------- d-----w- c:\program files\Bonjour
2012-06-07 22:07:08 -------- d-----w- c:\documents and settings\daniel hopkins\application data\iPodder
2012-06-07 22:06:55 -------- d-----w- c:\program files\Juice
.
==================== Find3M ====================
.
2012-06-15 01:05:41 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-15 01:05:41 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-02 19:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 07:58:35 667136 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 01:20:45 4126880 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-05-09 00:58:44 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-04 23:29:50 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-05-04 23:29:22 772504 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-05-04 23:29:16 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-20 19:29:52 81920 ----a-w- c:\windows\system32\ieencode.dll
2012-04-20 19:29:52 61952 ----a-w- c:\windows\system32\tdc.ocx
2012-04-19 12:44:57 369664 ----a-w- c:\windows\system32\html.iec
2012-04-04 19:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 19:02:22.23 ===============

Ark.txt:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-20 21:37:05
Windows 5.1.2600 Service Pack 3 Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-17 WDC_WD400BD-75JMA0 rev.05.01C05
Running: 2wu1fjnu.exe; Driver: C:\DOCUME~1\DANIEL~1\LOCALS~1\Temp\ffkyyaog.sys

---- System - GMER 1.0.15 ----

SSDT BA69EDDC ZwClose
SSDT BA69ED96 ZwCreateKey
SSDT BA69EDE6 ZwCreateSection
SSDT BA69ED8C ZwCreateThread
SSDT BA69ED9B ZwDeleteKey
SSDT BA69EDA5 ZwDeleteValueKey
SSDT BA69EDD7 ZwDuplicateObject
SSDT spqv.sys ZwEnumerateKey [0xB9ECDDA4]
SSDT spqv.sys ZwEnumerateValueKey [0xB9ECE132]
SSDT BA69EDAA ZwLoadKey
SSDT spqv.sys ZwOpenKey [0xB9EB50C0]
SSDT BA69ED78 ZwOpenProcess
SSDT BA69ED7D ZwOpenThread
SSDT spqv.sys ZwQueryKey [0xB9ECE20A]
SSDT BA69EDFF ZwQueryValueKey
SSDT BA69EDB4 ZwReplaceKey
SSDT BA69EDF0 ZwRequestWaitReplyPort
SSDT BA69EDAF ZwRestoreKey
SSDT BA69EDEB ZwSetContextThread
SSDT BA69EDF5 ZwSetSecurityObject
SSDT BA69EDA0 ZwSetValueKey
SSDT BA69EDFA ZwSystemDebugControl
SSDT BA69ED87 ZwTerminateProcess

INT 0x62 ? 8A53ABF8
INT 0x63 ? 8A33DBF8
INT 0x73 ? 8A53ABF8
INT 0x94 ? 8A33DBF8
INT 0xA4 ? 8A33DBF8
INT 0xB4 ? 8A33DBF8

---- Kernel code sections - GMER 1.0.15 ----

? spqv.sys The system cannot find the file specified. !
.text USBPORT.SYS!DllUnload B95708AC 5 Bytes JMP 8A33D1D8
init C:\WINDOWS\system32\drivers\senfilt.sys entry point in "init" section [0xB92A2F80]
.text aztp2jyp.SYS B91D1386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text aztp2jyp.SYS B91D13AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text aztp2jyp.SYS B91D13C4 3 Bytes [00, 80, 02]
.text aztp2jyp.SYS B91D13C9 1 Byte [30]
.text aztp2jyp.SYS B91D13C9 11 Bytes [30, 00, 00, 00, 5E, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESI; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL}
.text ...
? C:\DOCUME~1\DANIEL~1\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

---- Devices - GMER 1.0.15 ----

Device 8A5391F8
Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device 892FA1F8
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-0 8A25F1F8
Device \Driver\usbuhci \Device\USBPDO-1 8A25F1F8
Device \Driver\usbuhci \Device\USBPDO-2 8A25F1F8
Device \Driver\PCI_PNP1582 \Device\00000046 spqv.sys
Device \Driver\usbuhci \Device\USBPDO-3 8A25F1F8
Device \Driver\usbehci \Device\USBPDO-4 8A3261F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 8A4CB1F8
Device \Driver\Cdrom \Device\CdRom0 8A0FC1F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 8A4CB1F8
Device \Driver\atapi \Device\Ide\IdePort0 [B9E2FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [B9E2FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 [B9E2FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c [B9E2FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-17 [B9E2FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\Ftdisk \Device\HarddiskVolume3 8A4CB1F8
Device \Driver\Cdrom \Device\CdRom1 8A0FC1F8
Device \Driver\Ftdisk \Device\HarddiskVolume4 8A4CB1F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 89B6C1F8
Device \Driver\NetBT \Device\NetbiosSmb 89B6C1F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{35D46BEB-D142-466D-A91E-CD77E9FC6269} 89B6C1F8
Device \Driver\sptd \Device\2252375332 spqv.sys
Device \Driver\usbuhci \Device\USBFDO-0 8A25F1F8
Device \Driver\usbuhci \Device\USBFDO-1 8A25F1F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 89B711F8
Device \Driver\usbuhci \Device\USBFDO-2 8A25F1F8
Device 89B711F8
Device \Driver\usbuhci \Device\USBFDO-3 8A25F1F8
Device \Driver\usbehci \Device\USBFDO-4 8A3261F8
Device \Driver\Ftdisk \Device\FtControl 8A4CB1F8
Device \Driver\aztp2jyp \Device\Scsi\aztp2jyp1Port2Path0Target0Lun0 8A0E51F8
Device \Driver\aztp2jyp \Device\Scsi\aztp2jyp1 8A0E51F8
AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device 89DF9500
Device Cdfs.SYS (CD-ROM File System Driver/Microsoft Corporation)

---- Processes - GMER 1.0.15 ----

Library C:\Documents (*** hidden *** ) @ C:\Documents and Settings\Daniel Hopkins\Application Data\WMPRWISE.EXE [316] 0x10000000
Library c:\windows\system32\n (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1040] 0x45670000
Library c:\windows\system32\n (*** hidden *** ) @ C:\WINDOWS\Explorer.EXE [1744] 0x45670000

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x6C 0xAB 0x44 0xEE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x08 0x5C 0x01 0xD6 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x29 0x30 0x11 0x17 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x6C 0xAB 0x44 0xEE ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x08 0x5C 0x01 0xD6 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x29 0x30 0x11 0x17 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E8257CEE-4AFA-676C-CCA2-74A1FE5DBFB1}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E8257CEE-4AFA-676C-CCA2-74A1FE5DBFB1}@abdbekccjomigbjnjiomoejeleoodlpkpp 0x61 0x62 0x62 0x61 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E8257CEE-4AFA-676C-CCA2-74A1FE5DBFB1}@bbdbekccjomigbjnjinmnljeaoogbeangdej 0x61 0x62 0x6B 0x70 ...

---- EOF - GMER 1.0.15 ----
21-Jun-2012, 10:08 AM
#2
Quote:
Can you be more specific?
21-Jun-2012, 07:02 PM
#3
Digg is the famous news aggregator where people vote up stories, and Cracked is a comedy site famous for its lists. You never know when either will be NSFW, so I didn't put actual web suffixes at the end of them. I'm going to lay back on this topic. I posted for help somewhere else, and things are starting to pick up there. I don't want to waste anybody's time here unless things don't work out. I'll just keep this topic dormant until I need to come back to it.
22-Jun-2012, 08:00 AM
#4
If you've posted for help in another forum and are making progress there, there's no sense in a gold/blue shield removal specialist assisting you here at this time. Your current HijackThis, DDS.txt and Attach.txt logs are also no longer valid because of whatever is being done in the other forum.
22-Jun-2012, 09:12 PM
#5
Oh. OK. I'm really sorry about that. I thought of it as simply covering all my bases, but can now see how it makes things harder. Can someone close this? I'd do it myself, but for some reason I can't edit my first post now.
23-Jun-2012, 08:05 AM
#6
Unless a Moderator decides otherwise, let's keep the thread open for now until you're done at the other forum. After you're done there, come back here and advise us of the outcome.
24-Jun-2012, 04:14 PM
#7
Things are going well now. The trojans stepped off, and I'm waiting for the prognosis on my latest scan logs I posted to the forum. This can definitely be closed. Thanks for your initial reviewing of my logs though.