Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google redirect Rootkit ?


  • This topic is locked This topic is locked
4 replies to this topic

#1 Lunacie

Lunacie

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:32 AM

Posted 18 November 2012 - 07:41 AM

Attached File  attach.zip   4.17KB   0 downloads
Hello,

I have a problem with my boyfriend's computer. He keeps telling me that everytime he tries to visit a website from google, he just can't reach it, and he gets an ad instead.
He asked me to help him about that, and I tried but I'm always redirected...
I tried to run Kapersky TDSSKiller and Malwarebyte Anti-rookit but I found nothing.

I know there are already threads about that problem, but since you always say that we should not attempt something someone else was told to do, I thought I would create a new one.
I'm sorry if I'm not supposed to.

This is really frustrating, can you please help me about that ?




Here is the DDS.txt:

DDS (Ver_2012-11-07.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2
Run by THOMAS at 13:17:43 on 2012-11-18
Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.6103.1843 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Users\THOMAS\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Shockvoice Server\shockvoice_service.exe
C:\Windows\Explorer.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
C:\OEM\USBDECTION\USBS3S4Detection.exe
C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Users\THOMAS\AppData\Local\Temp\D5BBE5E1-2EFF-4AC6-9ABD-75B388AEF5EE.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Jeux\Steam\Steam.exe
C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Packard Bell\Software Suite SE\SEDevDetect.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Logitech\LWS\LU\LULnchr.exe
C:\Program Files (x86)\Logitech\LWS\LU\LogitechUpdate.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Notepad++\notepad++.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Program Files (x86)\RootKit Mb\mbar.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2567681
uDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&m=ixtreme_m5741&r=173606108816p04e5v155y45k1234q
mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&m=ixtreme_m5741&r=173606108816p04e5v155y45k1234q
mDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&m=ixtreme_m5741&r=173606108816p04e5v155y45k1234q
uURLSearchHooks: SimilarSites: {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll
uURLSearchHooks: Messenger Plus Live France Toolbar: {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\tbMess.dll
uURLSearchHooks: {ef79f67a-6ad7-4715-a0f8-932fca442023} - <orphaned>
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mURLSearchHooks: Messenger Plus Live France Toolbar: {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\tbMess.dll
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mURLSearchHooks: SimilarSites: {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Messenger Plus Live France Toolbar: {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\tbMess.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\THOMAS\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Messenger Plus Live France Toolbar: {59994074-C06D-4A75-9768-49E5A8C21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\tbMess.dll
TB: Messenger Plus Live France Toolbar: {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\tbMess.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: SimilarSites: {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll
EB: SimilarSites: {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Steam] "D:\Jeux\Steam\steam.exe" -silent
uRun: [Software Suite SE] "C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe" /run
uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [Packard Bell Photo Frame] C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe -A
mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [Z1] C:\Program Files (x86)\RootKit Mb\mbar.exe /cleanup /s
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PLAYWI~1.LNK - C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {807DF5E0-4EF7-48a8-A405-239F3E29FFA9} - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{821ED499-018E-4F63-B468-00C2934B7B52} : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{821ED499-018E-4F63-B468-00C2934B7B52}\356425027596649602055726C69636 : DHCPNameServer = 109.0.66.10 109.0.66.20
TCP: Interfaces\{821ED499-018E-4F63-B468-00C2934B7B52}\F62716E67656D20716962796E676 : DHCPNameServer = 192.168.128.1 192.168.128.1
TCP: Interfaces\{87AEC9F9-F9E3-426D-BED3-6466904A0CAD} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{A0CDBBD7-A71D-459C-8140-B6AFD26CE175} : DHCPNameServer = 192.168.1.1 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&m=ixtreme_m5741&r=173606108816p04e5v155y45k1234q
x64-mDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&m=ixtreme_m5741&r=173606108816p04e5v155y45k1234q
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\THOMAS\AppData\Roaming\Mozilla\Firefox\Profiles\84s8jvvc.default\
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Downloader\npdd.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\ma-config.com\nphardwaredetection.dll
FF - plugin: C:\Users\THOMAS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - plugin: C:\Windows\SysWOW64\npptools.dll
FF - ExtSQL: 2012-10-05 18:03; {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}; C:\Users\THOMAS\AppData\Roaming\Mozilla\Firefox\Profiles\84s8jvvc.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-3-28 55856]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-6-22 121936]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-8 169312]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-6-22 20048]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-6-22 61008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-7-5 40384]
R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\THOMAS\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2012-11-5 107520]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-11-12 2452912]
R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2010-5-7 197976]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-18 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-5 676936]
R2 OberonGameConsoleService;Oberon Media Game Console service;C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe [2010-1-13 44312]
R2 Shockvoice Service;Shockvoice Service;C:\Program Files (x86)\Shockvoice Server\shockvoice_service.exe [2010-8-26 12288]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-2 3064000]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-19 382824]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-9-19 2365792]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-3-28 2314240]
R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-1-13 240160]
R2 USBS3S4Detection;USBS3S4Detection;C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-14 76320]
R2 WLANBelkinService;Belkin WLAN service;C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe [2009-12-28 36864]
R3 avast! Mail Scanner;avast! Mail Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-7-5 40384]
R3 avast! Web Scanner;avast! Web Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-7-5 40384]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:\Windows\System32\drivers\e1k62x64.sys [2010-1-13 283824]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-1-13 56344]
R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2010-5-7 30304]
R3 Lycosa;Lycosa Keyboard;C:\Windows\System32\drivers\Lycosa.sys [2008-1-17 18816]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-9-5 25928]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-9-18 11880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DefaultTabSearch;DefaultTabSearch;C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2012-7-17 562688]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2011-5-13 36328]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [2012-11-13 31968]
S3 BCMH43XX;N+ Wireless USB Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2009-11-6 838136]
S3 driverhardwarev2x64;driverhardwarev2x64;C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-7-21 16640]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2012-6-29 26752]
S3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\System32\drivers\lvpopf64.sys [2010-7-7 271712]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2010-7-7 339040]
S3 LVUVC64;Logitech Webcam 250(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2010-7-7 6465632]
S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\x64\maconfservice.exe [2012-10-28 427976]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2012-10-16 244224]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-5-10 51712]
S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-23 1255736]
.
=============== Created Last 30 ================
.
2015-04-07 22:54:21 -------- d-----w- C:\Users\THOMAS\AppData\Local\Skyrim
2015-04-07 22:31:16 -------- d-----w- C:\Users\THOMAS\AppData\Local\{0B0026C7-E16B-4E2A-9D22-C53556CB7877}
2015-04-07 22:30:10 -------- d-----w- C:\Users\THOMAS\AppData\Local\{9DFDE27A-2002-43AC-B03C-1E5C8EBF7FE2}
2012-11-18 12:14:12 -------- d-----w- C:\Program Files (x86)\RootKit Mb
2012-11-18 11:24:51 -------- d-----w- C:\Users\THOMAS\AppData\Roaming\SpeedyPC Software
2012-11-18 11:24:51 -------- d-----w- C:\Users\THOMAS\AppData\Roaming\DriverCure
2012-11-18 11:24:47 -------- d-----w- C:\Program Files (x86)\Common Files\SpeedyPC Software
2012-11-18 11:24:45 -------- d-----w- C:\ProgramData\SpeedyPC Software
2012-11-18 11:24:45 -------- d-----w- C:\Program Files (x86)\SpeedyPC Software
2012-11-18 11:01:43 -------- d-----w- C:\TDSSKiller_Quarantine
2012-11-16 23:06:02 131072 --sha-r- C:\Windows\SysWow64\vfwwdm32R.dll
2012-11-16 08:45:58 9291768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{358D2D65-638A-4EC0-B00D-36C31EE82AC9}\mpengine.dll
2012-11-14 03:11:38 -------- d-----w- C:\Windows\SysWow64\mods
2012-11-14 03:11:34 -------- d-----w- C:\Windows\SysWow64\lib
2012-11-14 03:11:34 -------- d-----w- C:\Windows\SysWow64\coremods
2012-11-14 03:07:30 -------- d-----w- C:\Windows\SysWow64\world
2012-11-14 02:59:31 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-14 02:11:39 2560 ----a-w- C:\Windows\System32\drivers\fr-FR\wdf01000.sys.mui
2012-11-14 02:11:38 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-14 02:11:38 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-14 02:11:38 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-14 02:01:52 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-14 02:01:52 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-14 02:01:50 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-14 02:01:48 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-14 02:01:47 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-14 02:01:47 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-14 02:01:47 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-13 22:17:12 3147264 ----a-w- C:\Windows\System32\win32k.sys
2012-11-13 22:16:57 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-11-13 22:16:56 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-11-13 00:09:11 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2012-11-13 00:00:23 14456 ----atw- C:\Users\THOMAS\AppData\Roaming\Microsoft\mjcriu.dll
2012-11-12 23:50:16 29784 ----atw- C:\Users\THOMAS\AppData\Roaming\Microsoft\qwadjb.dll
2012-11-12 23:50:16 18724 ----atw- C:\Users\THOMAS\AppData\Roaming\Microsoft\bass.dll
2012-11-12 23:50:16 1758720 ----atw- C:\Users\THOMAS\AppData\Roaming\Microsoft\engine_vx.dll
2012-11-12 23:50:16 17472 ----atw- C:\Users\THOMAS\AppData\Roaming\Microsoft\rsaadjd.dll
2012-11-12 23:50:16 17472 ----atw- C:\Users\THOMAS\AppData\Roaming\Microsoft\1eaadjc.dll
2012-11-12 23:50:16 16448 ----atw- C:\Users\THOMAS\AppData\Roaming\Microsoft\kfgresk.dll
2012-11-12 23:50:16 12352 ----atw- C:\Users\THOMAS\AppData\Roaming\Microsoft\peaadje.dll
2012-11-12 23:50:16 105016 ----atw- C:\Users\THOMAS\AppData\Roaming\Microsoft\~DFKd221f5.tmp
2012-11-12 23:47:15 31968 ---ha-w- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys
2012-11-12 23:47:15 -------- d-----w- C:\Users\THOMAS\AppData\Roaming\Apowersoft
2012-11-12 23:46:51 -------- d-----w- C:\Users\THOMAS\AppData\Local\Programs
2012-11-11 15:06:20 -------- d-----w- C:\Users\THOMAS\AppData\Local\{057D4A20-936A-4845-BD5C-CCEFE79C1B6C}
2012-11-10 18:10:54 -------- d-----w- C:\Users\THOMAS\AppData\Local\LogMeIn Hamachi
2012-11-10 15:34:50 -------- d-----w- C:\Users\THOMAS\AppData\Local\{B86A7641-8E92-4B0A-B191-C41755C9D7D9}
2012-11-05 00:38:01 33856 ---ha-w- C:\Windows\System32\hamachi.sys
2012-11-05 00:37:59 -------- d-----w- C:\Program Files (x86)\DefaultTab
2012-11-05 00:37:54 -------- d-----w- C:\Users\THOMAS\AppData\Roaming\DefaultTab
2012-11-04 17:26:49 -------- d-----w- C:\Users\THOMAS\AppData\Local\{F17A1129-A2BB-42FF-BF9C-E0248A466405}
2012-11-03 02:09:06 -------- d-----w- C:\Users\THOMAS\AppData\Local\{947BDEBE-08C8-4C1A-8045-A6C66CEEAA43}
2012-11-02 11:03:45 -------- d-----w- C:\NVIDIA
2012-10-31 15:11:54 -------- d-----w- C:\Program Files (x86)\SplitMediaLabs
2012-10-30 17:23:38 -------- d-----w- C:\Users\THOMAS\AppData\Local\Sony
2012-10-29 22:30:06 -------- d-----w- C:\Fraps
2012-10-28 18:04:05 34656 ----a-w- C:\Windows\System32\TURegOpt.exe
2012-10-28 18:04:05 25952 ----a-w- C:\Windows\System32\authuitu.dll
2012-10-28 18:04:04 21344 ----a-w- C:\Windows\SysWow64\authuitu.dll
2012-10-28 18:03:36 -------- d-----w- C:\Users\THOMAS\AppData\Roaming\TuneUp Software
2012-10-28 18:03:24 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2013
2012-10-28 18:02:31 -------- d-----w- C:\ProgramData\TuneUp Software
2012-10-28 18:01:52 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2012-10-28 18:01:52 -------- d--h--w- C:\ProgramData\Common Files
2012-10-28 16:42:48 -------- d-----w- C:\Users\THOMAS\AppData\Local\{48367B97-AA55-42BA-B650-CC1791635E52}
2012-10-27 12:56:44 -------- d-----w- C:\Users\THOMAS\AppData\Local\{E5314C75-C17C-4660-A8EE-B9B7E4B92666}
2012-10-26 02:21:20 -------- d-----w- C:\Users\THOMAS\AppData\Local\{42053340-7EE0-4AF3-912B-073ED35FC70E}
2012-10-24 16:38:27 -------- d-----w- C:\ProgramData\SimilarSites
2012-10-24 16:38:17 -------- d-----w- C:\Program Files\Core Temp
2012-10-24 16:38:14 -------- d-----w- C:\Users\THOMAS\AppData\Roaming\SimilarSites
2012-10-24 16:38:14 -------- d-----w- C:\Program Files (x86)\SimilarSites
2012-10-24 16:38:09 -------- d-----w- C:\Program Files (x86)\Chrome
2012-10-24 02:36:32 163056 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-22 23:19:40 -------- d-----w- C:\Users\THOMAS\AppData\Local\{B76C410A-A7E5-4683-8D4D-65BFAF19C214}
2012-10-22 07:24:20 -------- d-----w- C:\Users\THOMAS\AppData\Local\{7D41DA61-00A1-4403-A59C-860D95ABF9F6}
2012-10-19 17:32:44 -------- d-----w- C:\Users\THOMAS\AppData\Local\CRE
2012-10-19 17:32:40 -------- d-----w- C:\Users\THOMAS\AppData\Local\Conduit
2012-10-19 17:32:31 -------- d-----w- C:\Program Files (x86)\BitTorrent
2012-10-19 16:58:44 438120 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
.
==================== Find3M ====================
.
2012-11-14 02:59:23 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-11-14 02:59:23 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-10-20 00:36:20 3544134 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-10-20 00:35:55 6222696 ----a-w- C:\Windows\System32\nvcpl.dll
2012-10-20 00:35:52 3310440 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-10-20 00:35:10 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
2012-10-20 00:35:09 890216 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-10-20 00:35:09 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-10-20 00:35:09 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-10-08 21:17:18 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-08 21:17:18 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-09-29 18:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-09-14 19:23:40 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:30:38 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-08-31 18:02:20 1656688 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-30 18:11:29 5505904 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:18:33 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:18:33 3902832 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-30 13:18:02 71680 ----a-w- C:\Windows\System32\frapsv64.dll
2012-08-30 13:18:00 65536 ----a-w- C:\Windows\SysWow64\frapsvid.dll
2012-08-24 18:05:28 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 17:10:47 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-23 01:22:19 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-08-23 01:22:13 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
.
============= FINISH: 13:18:47,14 ===============


Thanks for reading.

BC AdBot (Login to Remove)

 


#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:32 AM

Posted 18 November 2012 - 09:26 AM

Please do the following:

Download the appropriate version for your system of the Farbar Recovery Scan Tool and save it to a flash drive. (Choose the correct version depending on which architecture operating system you are using, 32bit (x86) or 64 (x64) bit)

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to the disclaimer.
[*]Place a check next to List Drivers MD5 as well as the default check marks that are already there
[*]Press Scan button.
[*]FRST will let you know when the scan is complete and has written the FRST.txt to file, close out this message, then type the following into the search box:
services.exe
[*]now press the search button
[*]when the search is complete, search.txt will also be written to your USB
[*]type exit and reboot the computer normally
[*]please copy and paste both logs in your reply.(FRST.txt and Search.txt)[/list]

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 Lunacie

Lunacie
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:32 AM

Posted 18 November 2012 - 09:29 PM

Insert the installation disc.


I'm sorry but I don't understand that part.
What disc am I supposed to use ?
Thanks a lot for helping me.

Edited by Lunacie, 18 November 2012 - 09:29 PM.


#4 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:32 AM

Posted 18 November 2012 - 10:04 PM

there are two set's of instructions there, one is for when the recovery environment is pre-installed, the other is not.

if you don't have the Recovery environment pre-installed on your system you will need an installation disk

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#5 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:32 AM

Posted 25 November 2012 - 08:24 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users