1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

TidyNetwork.com Malware Removal. PLEASE HELP!!!

Discussion in 'Virus & Other Malware Removal' started by johnwlawler, Jan 24, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. johnwlawler

    johnwlawler Thread Starter

    Joined:
    Jan 18, 2013
    Messages:
    5
    Hello Techguys Support Staff,

    I have found a virus on my new computer and would very much appreciate your help as quickly as possible!

    Thanks,

    John

    Hijack This Log

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:30:37 PM, on 1/23/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal

    Running processes:
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    C:\Users\John Lawler\Desktop\HijackThis.exe
    C:\Windows\SysWOW64\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
    O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
    O4 - HKLM\..\Run: [Sound Blaster Recon3D PCIe Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe" /r
    O4 - HKLM\..\Run: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
    O4 - HKLM\..\Run: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1125\7.5.1125\TmBpIe32.dll
    O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll
    O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
    O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
    O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
    O23 - Service: SB Recon3D Service (CtHdaSvc) - Creative Technology Ltd - C:\Windows\sysWow64\CtHdaSvc.exe
    O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
    O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 9822 bytes


    DDS Log

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16457
    Run by John Lawler at 23:30:57 on 2013-01-23
    Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.65481.60665 [GMT -8:00]
    .
    AV: Trend Micro Titanium Internet Security *Enabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
    SP: Trend Micro Titanium Internet Security *Enabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
    C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe
    C:\Windows\system32\svchost.exe -k apphost
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
    C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\sysWow64\CtHdaSvc.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
    C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
    C:\Program Files\Logitech\GamePanel Software\LCD Manager\lcdmon.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Windows\system32\svchost.exe -k regsvc
    C:\Windows\system32\svchost.exe -k iissvcs
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files\Logitech Gaming Software\LCore.exe
    C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
    C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
    C:\Windows\system32\sppsvc.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    uSearch Bar = Preserve
    mStart Page = about:blank
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: TSToolbarBHO: {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
    TB: Trend Micro Toolbar: {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
    mRun: [Sound Blaster Recon3D PCIe Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe" /r
    mRun: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
    mRun: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    uPolicies-Explorer: NoViewOnDrive = dword:0
    uPolicies-Explorer: DisableLocalMachineRun = dword:0
    uPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
    uPolicies-Explorer: DisableCurrentUserRun = dword:0
    uPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
    uPolicies-Explorer: NoFile = dword:0
    uPolicies-Explorer: HideClock = dword:0
    uPolicies-Explorer: NoDevMgrUpdate = dword:0
    uPolicies-Explorer: NoDFSTab = dword:0
    uPolicies-Explorer: NoWindowsUpdate = dword:0
    uPolicies-Explorer: NoEncryptOnMove = dword:0
    uPolicies-Explorer: NoRunasInstallPrompt = dword:0
    uPolicies-Explorer: NoResolveTrack = dword:0
    uPolicies-Explorer: NoStartMenuSubFolders = dword:0
    uPolicies-System: NoDispAppearancePage = dword:0
    uPolicies-System: NoDispSettingsPage = dword:0
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoViewOnDrive = dword:0
    mPolicies-Explorer: DisableLocalMachineRun = dword:0
    mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
    mPolicies-Explorer: DisableCurrentUserRun = dword:0
    mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
    mPolicies-Explorer: NoFile = dword:0
    mPolicies-Explorer: HideClock = dword:0
    mPolicies-Explorer: NoDevMgrUpdate = dword:0
    mPolicies-Explorer: NoDFSTab = dword:0
    mPolicies-Explorer: NoWindowsUpdate = dword:0
    mPolicies-Explorer: NoEncryptOnMove = dword:0

    Attach Log

    Will post if requested


    Ark.txt Log

    GMER 2.0.18444 - http://www.gmer.net
    Rootkit scan 2013-01-24 00:05:44
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD2002FAEX-007BA0 rev.05.01D05 1863.02GB
    Running: gmer.exe; Driver: C:\Users\JOHNLA~1\AppData\Local\Temp\ufliakob.sys


    ---- User code sections - GMER 2.0 ----

    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2576] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000757d1401 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2576] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000757d1419 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2576] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000757d1431 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2576] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000757d144a 2 bytes [7D, 75]
    .text ... * 9
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2576] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000757d14dd 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2576] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000757d14f5 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2576] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000757d150d 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2576] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000757d1525 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2576] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000757d153d 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2576] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000757d1555 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2576] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000757d156d 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2576] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000757d1585 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2576] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000757d159d 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2576] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000757d15b5 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2576] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000757d15cd 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2576] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000757d16b2 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2576] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000757d16bd 2 bytes [7D, 75]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2872] C:\Windows\SysWOW64\WSOCK32.dll!recv + 82 00000000725217fa 2 bytes [52, 72]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2872] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 88 0000000072521860 2 bytes [52, 72]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2872] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98 0000000072521942 2 bytes [52, 72]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2872] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109 000000007252194d 2 bytes [52, 72]
    .text C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe[4792] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000757d1401 2 bytes [7D, 75]
    .text C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe[4792] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000757d1419 2 bytes [7D, 75]
    .text C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe[4792] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000757d1431 2 bytes [7D, 75]
    .text C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe[4792] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000757d144a 2 bytes [7D, 75]
    .text ... * 9
    .text C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe[4792] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000757d14dd 2 bytes [7D, 75]
    .text C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe[4792] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000757d14f5 2 bytes [7D, 75]
    .text C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe[4792] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000757d150d 2 bytes [7D, 75]
    .text C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe[4792] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000757d1525 2 bytes [7D, 75]
    .text C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe[4792] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000757d153d 2 bytes [7D, 75]
    .text C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe[4792] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000757d1555 2 bytes [7D, 75]
    .text C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe[4792] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000757d156d 2 bytes [7D, 75]
    .text C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe[4792] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000757d1585 2 bytes [7D, 75]
    .text C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe[4792] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000757d159d 2 bytes [7D, 75]
    .text C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe[4792] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000757d15b5 2 bytes [7D, 75]
    .text C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe[4792] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000757d15cd 2 bytes [7D, 75]
    .text C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe[4792] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000757d16b2 2 bytes [7D, 75]
    .text C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe[4792] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000757d16bd 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 00000000769787b1 5 bytes JMP 0000000173a91000
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000757d1401 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000757d1419 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000757d1431 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000757d144a 2 bytes [7D, 75]
    .text ... * 9
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000757d14dd 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000757d14f5 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000757d150d 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000757d1525 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000757d153d 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000757d1555 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000757d156d 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000757d1585 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000757d159d 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000757d15b5 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000757d15cd 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000757d16b2 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[4648] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000757d16bd 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 00000000769787b1 5 bytes JMP 0000000173a91000
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000757d1401 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000757d1419 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000757d1431 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000757d144a 2 bytes [7D, 75]
    .text ... * 9
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000757d14dd 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000757d14f5 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000757d150d 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000757d1525 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000757d153d 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000757d1555 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000757d156d 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000757d1585 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000757d159d 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000757d15b5 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000757d15cd 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000757d16b2 2 bytes [7D, 75]
    .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000757d16bd 2 bytes [7D, 75]

    ---- Threads - GMER 2.0 ----

    Thread C:\Windows\System32\svchost.exe [2032:4320] 000007fefbdc9688
    Thread C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [4720:5380] 00000000035436a0
    Thread C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [4720:6088] 00000000047e5490
    Thread C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [4720:5784] 00000000035e0c40
    ---- Processes - GMER 2.0 ----

    Library ? (*** suspicious ***) @ C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe [2184] 000007fefe1a0000
    Library ? (*** suspicious ***) @ C:\Windows\System32\svchost.exe [2032] 000007feff7f0000
    Library ? (*** suspicious ***) @ C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [4720] 00000000003f0000
    Library ? (*** suspicious ***) @ C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [3680] 0000000075780000

    ---- Registry - GMER 2.0 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0026833b5ddf
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0026833b5ddf (not active ControlSet)

    ---- Files - GMER 2.0 ----

    File C:\ProgramData\Trend Micro\AMSP\temp\TMFBE\c17t1700v6.0.0l1p5889r1o21\b.ee5009ef246e66c14c52921f6800211d48b6574a 548 bytes

    ---- EOF - GMER 2.0 ----





    Please tell me if you need anything else!
     
  2. johnwlawler

    johnwlawler Thread Starter

    Joined:
    Jan 18, 2013
    Messages:
    5
    I apologize. I realize that I didn't provide you with enough information in my first post.

    About a week ago, random words (on any/every web page) began appearing bold (often purple, orange or green) and double underlined. When my cursor passed over them, an ad, sponsored by Tidy Networks, would pop up, only to disappear as soon as my cursor moved away. Then, a bit later, whenever I opened a new link, an addition tab would be opened containing a full page advertisement, again, sponsored by Tidy Networks (or TidyNetworks.com). Toolbar add-on began appearing, my computer slowed down significantly and programs I wasn't sure I'd seen before appeared in the "Programs and Features" section of Control Panel (e.g. Cyberlink\PowerDVD12\Kernel, PnkBstrA, CyberLink\Power2Go\CLMLSvc, and Strongvault Online Backup).
    I searched my registry data and found a few suspect entries, but was (and am) hesitant to touch them. (e.g. “C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1125\7.5.1125\chrome_tmbep.crx”). There was one named “C:\Users\John Lawler\AppData\Local\TidyNetwork.com\tidy.exe”, (Registry File: “Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ ‘very long IDENTIFIER’ ), but it seems as if one of my anti-virus’ (Trend Micro Titanium, Malwarebites, and Webroot, at one point or another over the past 7 days) removed it.
    I do not know if the virus is fully expunged though, nor am I certain which, if any, of my programs were downloaded by the TidyNetwork.com virus, and need to be removed. Any help will be much appreciated.
    Thanks!
    John

    TidyNetwork.com Kaspersky classification: “HEUR: Trojan.Win32.Generic”, “Troj.Win32.Gen”, or “Win32.Gen”.
     
  3. johnwlawler

    johnwlawler Thread Starter

    Joined:
    Jan 18, 2013
    Messages:
    5
  4. johnwlawler

    johnwlawler Thread Starter

    Joined:
    Jan 18, 2013
    Messages:
    5
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1086636

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice