Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected? Can't access internet


  • This topic is locked This topic is locked
2 replies to this topic

#1 Sevarry

Sevarry

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:36 PM

Posted 23 October 2014 - 10:39 PM

Suddenly can't access the internet, out of ideas so I downloaded FRST and FSS. Any help or advice would be appreciated. Results:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-11-2013 (ATTENTION: ====> FRST version is 333 days old and could be outdated)
Ran by TQNR36 (administrator) on TQNR36-07 on 23-10-2014 18:27:25
Running from C:\
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(BigFix Inc.) C:\Program Files (x86)\BigFix Enterprise\BES Client\BESClientHelper.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Juniper Networks) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
() C:\Windows\System32\enstart64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe
(SupportSoft, Inc.) C:\Program Files (x86)\SupportSoft_Amer_MSI_7\bin\sprtsvc.exe
(SupportSoft, Inc.) C:\Program Files (x86)\SupportSoft_Amer_MSI_7\bin\tgsrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin64\Smc.exe
(IBM Corp.) C:\Program Files (x86)\BigFix Enterprise\BES Client\BESClient.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe
(IBM Corp.) C:\Program Files (x86)\BigFix Enterprise\BES Client\BESClientUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\TQNR36\AppData\Local\Amazon Music\Amazon Music Helper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(SupportSoft, Inc.) C:\Program Files (x86)\SupportSoft_Amer_MSI_7\bin\sprtcmd.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803496 2011-09-01] (Synaptics Incorporated)
HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-08-29] (IDT, Inc.)
HKLM\...\Run: [HPPowerAssistant] - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1691192 2010-08-23] (Hewlett-Packard Company)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2779024 2011-03-15] (CANON INC.)
HKLM Group Policy restriction on software: t2serv.wax <====== ATTENTION
HKLM Group Policy restriction on software: t2serv.exe <====== ATTENTION
HKLM Group Policy restriction on software: logo1_.exe <====== ATTENTION
HKLM Group Policy restriction on software: gdi3fde.dll <====== ATTENTION
HKLM Group Policy restriction on software: t2serv.s <====== ATTENTION
HKLM Group Policy restriction on software: rundl132.exe <====== ATTENTION
HKLM Group Policy restriction on software: t2serv.dll <====== ATTENTION
HKLM Group Policy restriction on software: e1.dll <====== ATTENTION
HKLM Group Policy restriction on software: rdpdvckn.dll <====== ATTENTION
HKLM Group Policy restriction on software: hplutool.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%\System32\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoPublishingWizard] 1
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKCU\...\Run: [Lync] - C:\Program Files (x86)\Microsoft Office\Office15\lync.exe [19049112 2014-07-27] (Microsoft Corporation)
HKCU\...\Run: [GoogleChromeAutoLaunch_6EC358297B4C347CA5A75C2E545347FE] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-09] (Google Inc.)
HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3600216 2014-09-24] (Electronic Arts)
HKCU\...\Run: [Google Update] - C:\Users\TQNR36\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-10] (Google Inc.)
HKCU\...\Run: [Amazon Music] - C:\Users\TQNR36\AppData\Local\Amazon Music\Amazon Music Helper.exe [3162944 2014-06-04] ()
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [7767832 2014-10-06] (SUPERAntiSpyware)
HKCU\...\Policies\Explorer: [HideSCAHealth] 1
HKCU\...\Policies\Explorer: [NoAutorun] 1
MountPoints2: D - D:\MotoCastSetup.exe -a
MountPoints2: {3eda890e-c361-11e3-982c-002713c62d46} - G:\win\setup.exe -phs
MountPoints2: {52bfdb16-b9ae-11e3-93a7-002713c62d46} - D:\MotoCastSetup.exe -a
MountPoints2: {543a5287-087d-11e4-9796-002713c62d46} - F:\win\setup.exe -phs
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [287800 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SupportSoft_Amer_MSI_7] - C:\Program Files (x86)\SupportSoft_Amer_MSI_7\bin\sprtcmd.exe [218440 2013-03-15] (SupportSoft, Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1611160 2011-03-28] (CANON INC.)
HKLM-x32\...\Run: [PWRISOVM.EXE] - C:\Program Files\PowerISO\PWRISOVM.EXE [377368 2014-02-02] (Power Software Ltd)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKU\Administrator\...\Run: [Lync] - C:\Program Files (x86)\Microsoft Office\Office15\lync.exe [19049112 2014-07-27] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Install.cmd ()
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Install.cmd ()
 
==================== Internet (Whitelisted) ====================
 
ProxyServer: http=127.0.0.1:49899;https=127.0.0.1:49899
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Symantec Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\IPS\IPSBHO.dll (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} -  No File
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\TQNR36\AppData\Roaming\Mozilla\Firefox\Profiles\ku2s6czu.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=11.11.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.11.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\TQNR36\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\TQNR36\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\TQNR36\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\TQNR36\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\TQNR36\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\TQNR36\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\IPSFF
FF Extension: Symantec Vulnerability Protection - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\IPSFF
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup:       "urls_to_restore_on_startup": null
CHR Extension: (Google Docs) - C:\Users\TQNR36\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0
CHR Extension: (Google Drive) - C:\Users\TQNR36\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\TQNR36\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0
CHR Extension: (YouTube) - C:\Users\TQNR36\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\TQNR36\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\TQNR36\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0
CHR Extension: (Gmail) - C:\Users\TQNR36\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-19] (SUPERAntiSpyware.com)
R2 BESClient; C:\Program Files (x86)\BigFix Enterprise\BES Client\BESClient.exe [5387640 2013-05-03] (IBM Corp.)
R2 BESClientHelper; C:\Program Files (x86)\BigFix Enterprise\BES Client\BESClientHelper.exe [737367 2014-02-26] (BigFix Inc.)
R2 enstart64; C:\windows\system32\enstart64.exe [1576960 2014-02-26] ()
R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe [144368 2013-05-25] (Symantec Corporation)
R3 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin64\Smc.exe [2316184 2013-05-25] (Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin64\snac64.exe [334736 2013-05-25] (Symantec Corporation)
R2 sprtsvc_supportsoft_amer_msi_7; C:\Program Files (x86)\SupportSoft_Amer_MSI_7\bin\sprtsvc.exe [218440 2013-03-15] (SupportSoft, Inc.)
R2 tgsrvc_supportsoft_amer_msi_7; C:\Program Files (x86)\SupportSoft_Amer_MSI_7\bin\tgsrvc.exe [214344 2013-03-15] (SupportSoft, Inc.)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
S2 ZAPrivacyService; "C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe" [x]
 
==================== Drivers (Whitelisted) ====================
 
R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\BASHDefs\20141003.013\BHDrvx64.sys [1586904 2014-10-04] (Symantec Corporation)
R1 ccSettings_{E1A40A89-2B89-44FA-9E96-395B7D7F03AC}; C:\Windows\System32\Drivers\SEP\0C010BB9\00A5.105\x64\ccSetx64.sys [169048 2013-05-25] (Symantec Corporation)
R1 CSN5PDTS82x64; C:\Windows\System32\Drivers\CSN5PDTS82x64.sys [34840 2012-10-24] (Colasoft Co., Ltd.)
S3 e1kexpress; C:\Windows\System32\DRIVERS\e1k60x64.sys [220672 2009-06-10] (Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-11] (Symantec Corporation)
R1 enstart64_; C:\windows\system32\enstart64_.sys [66112 2014-02-26] (Guidance Software Inc.)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-11] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\IPSDefs\20141021.011\IDSvia64.sys [525016 2014-06-17] (Symantec Corporation)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26712 2011-08-29] (JMicron Technology Corp.)
R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\VirusDefs\20141022.003\ENG64.SYS [129752 2014-08-21] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\VirusDefs\20141022.003\EX64.SYS [2137304 2014-08-21] (Symantec Corporation)
S3 RICOH SmartCard Reader; C:\Windows\System32\DRIVERS\rismcx64.sys [79488 2006-10-03] (RICOH Company, Ltd.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ser2co; C:\Windows\System32\DRIVERS\ser2co64.sys [93184 2008-01-31] (Prolific Technology Inc.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2614520 2011-08-29] (Sunplus Technology)
R3 SRTSP; C:\Windows\System32\Drivers\SEP\0C010BB9\00A5.105\x64\SRTSP64.SYS [796760 2013-05-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C010BB9\00A5.105\x64\SRTSPX64.SYS [36952 2013-05-25] (Symantec Corporation)
S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin64\SyDvCtrl64.sys [34800 2013-05-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\Drivers\SEP\0C010BB9\00A5.105\x64\SYMDS64.SYS [493656 2013-05-25] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C010BB9\00A5.105\x64\SYMEFA64.SYS [1139800 2013-05-25] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-02-25] (Symantec Corporation)
R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C010BB9\00A5.105\x64\Ironx64.SYS [224416 2013-05-25] (Symantec Corporation)
R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C010BB9\00A5.105\x64\SYMNETS.SYS [433752 2013-05-25] (Symantec Corporation)
R1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [159472 2014-02-25] (Symantec Corporation)
R3 SzCCID; C:\Windows\System32\DRIVERS\SzCCID.sys [40448 2011-08-29] (Generic)
R1 Teefer2; C:\Windows\System32\DRIVERS\Teefer.sys [91944 2013-05-25] (Symantec Corporation)
S1 CSN5PDTS82; System32\Drivers\CSN5PDTS82.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-10-23 18:27 - 2014-10-23 18:28 - 00023990 _____ C:\FRST.txt
2014-10-23 18:27 - 2014-10-23 18:27 - 00000000 ____D C:\FRST
2014-10-23 18:26 - 2014-10-23 18:25 - 00415232 _____ (Farbar) C:\FSS.exe
2014-10-23 18:26 - 2014-09-19 23:56 - 01958440 _____ (Farbar) C:\FRST64.exe
2014-10-23 17:51 - 2014-10-23 17:51 - 00000000 ____D C:\ProgramData\HitmanPro
2014-10-23 17:48 - 2014-10-23 18:17 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-23 17:47 - 2014-10-23 18:17 - 00000000 ____D C:\Users\TQNR36\mbar
2014-10-23 17:47 - 2014-10-23 17:44 - 14349744 _____ (Malwarebytes Corp.) C:\mbar-1.07.0.1012.exe
2014-10-23 17:47 - 2014-10-23 17:42 - 11194928 _____ (SurfRight B.V.) C:\HitmanPro_x64.exe
2014-10-23 10:02 - 2014-10-23 10:02 - 00000000 ____D C:\MININT
2014-10-22 17:54 - 2014-06-26 19:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-10-22 17:54 - 2014-06-26 18:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-10-22 14:28 - 2014-10-22 14:28 - 00000575 _____ C:\BFXmessage.txt
2014-10-20 13:35 - 2014-10-20 13:35 - 00002841 _____ C:\Users\TQNR36\Documents\ATT Payment Processed for Account Ending in 4905.txt
2014-10-20 12:47 - 2014-10-20 12:48 - 00468512 _____ C:\windows\Minidump\102014-55130-01.dmp
2014-10-20 09:12 - 2014-10-20 11:10 - 00137216 _____ C:\Users\TQNR36\Documents\Quantar Opto Site 4 Noble.xls
2014-10-17 11:22 - 2014-10-17 11:52 - 00137216 _____ C:\Users\TQNR36\Documents\Quantar Opto Site 3 Bullion.xls
2014-10-16 19:17 - 2014-09-03 22:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-16 19:17 - 2014-09-03 22:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-16 19:17 - 2014-08-28 19:07 - 05780480 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-16 19:17 - 2014-08-28 19:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-10-16 19:17 - 2014-08-28 19:07 - 00322560 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2014-10-16 19:17 - 2014-08-28 19:07 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-10-16 19:17 - 2014-08-28 19:06 - 01125888 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-16 19:17 - 2014-08-28 18:44 - 04922368 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-16 19:17 - 2014-08-28 18:44 - 01050112 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-10-16 19:17 - 2014-08-28 18:44 - 00269312 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-10-16 19:17 - 2014-08-28 18:44 - 00037376 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2014-10-16 19:17 - 2014-07-16 19:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-16 19:17 - 2014-07-16 19:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-16 19:17 - 2014-07-16 19:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-16 19:17 - 2014-07-16 19:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-16 19:17 - 2014-07-16 19:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-16 19:17 - 2014-07-16 19:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-16 19:17 - 2014-07-16 18:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-16 19:17 - 2014-07-16 18:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-16 19:17 - 2014-07-16 18:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-16 19:17 - 2014-07-16 18:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-16 19:17 - 2014-07-16 18:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-16 19:17 - 2014-07-06 19:06 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-10-16 19:17 - 2014-07-06 19:06 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-10-16 19:17 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-10-16 19:17 - 2014-07-06 18:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-10-16 19:17 - 2014-07-06 18:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-10-16 19:16 - 2014-09-12 18:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-16 19:16 - 2014-09-12 18:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-16 13:27 - 2014-10-22 15:56 - 00137216 _____ C:\Users\TQNR36\Documents\Quantar Opto Site 2 Argos.xls
2014-10-13 11:37 - 2014-08-19 11:05 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-13 11:37 - 2014-08-19 10:39 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-13 11:37 - 2014-08-18 16:01 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-13 11:37 - 2014-08-18 15:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-13 11:37 - 2014-08-18 15:29 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-13 11:37 - 2014-08-18 15:26 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-13 11:37 - 2014-08-18 15:20 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-13 11:37 - 2014-08-18 15:19 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-13 11:37 - 2014-08-18 15:15 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-13 11:37 - 2014-08-18 15:15 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-13 11:37 - 2014-08-18 15:14 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-13 11:37 - 2014-08-18 15:14 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-13 11:37 - 2014-08-18 15:08 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-13 11:37 - 2014-08-18 15:08 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-13 11:37 - 2014-08-18 15:08 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-13 11:37 - 2014-08-18 15:05 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-13 11:37 - 2014-08-18 15:03 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-13 11:37 - 2014-08-18 15:03 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-13 11:37 - 2014-08-18 15:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-13 11:37 - 2014-08-18 14:57 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-13 11:37 - 2014-08-18 14:56 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-13 11:37 - 2014-08-18 14:51 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-13 11:37 - 2014-08-18 14:46 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-13 11:37 - 2014-08-18 14:45 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-13 11:37 - 2014-08-18 14:45 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-13 11:37 - 2014-08-18 14:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-10-13 11:37 - 2014-08-18 14:44 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-10-13 11:37 - 2014-08-18 14:42 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-13 11:37 - 2014-08-18 14:40 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-13 11:37 - 2014-08-18 14:39 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-13 11:37 - 2014-08-18 14:39 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-13 11:37 - 2014-08-18 14:39 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-13 11:37 - 2014-08-18 14:38 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-13 11:37 - 2014-08-18 14:37 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-10-13 11:37 - 2014-08-18 14:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-10-13 11:37 - 2014-08-18 14:35 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-10-13 11:37 - 2014-08-18 14:27 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-13 11:37 - 2014-08-18 14:25 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-13 11:37 - 2014-08-18 14:25 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-13 11:37 - 2014-08-18 14:23 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-13 11:37 - 2014-08-18 14:23 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-13 11:37 - 2014-08-18 14:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-13 11:37 - 2014-08-18 14:19 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-13 11:37 - 2014-08-18 14:17 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-13 11:37 - 2014-08-18 14:17 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-13 11:37 - 2014-08-18 14:16 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-13 11:37 - 2014-08-18 14:15 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-13 11:37 - 2014-08-18 14:15 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-13 11:37 - 2014-08-18 14:09 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-13 11:37 - 2014-08-18 14:08 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-13 11:37 - 2014-08-18 14:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-10-13 11:37 - 2014-08-18 13:55 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-13 11:37 - 2014-08-18 13:46 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-13 11:37 - 2014-08-18 13:38 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-13 11:37 - 2014-08-18 13:38 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-13 11:37 - 2014-08-18 13:36 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-10-13 10:30 - 2014-08-22 19:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-10-13 10:30 - 2014-08-22 18:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-10-13 10:30 - 2014-08-22 17:59 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-03 09:22 - 2014-10-07 08:50 - 00022306 _____ C:\Users\TQNR36\Documents\FINANCIAL HQ (5).xlsx
2014-10-02 09:27 - 2014-10-23 10:03 - 00052801 _____ C:\Users\Public\cmdlocal.log
2014-10-01 14:26 - 2010-11-20 06:25 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\pssschtasks.exe
2014-10-01 14:26 - 2010-11-20 06:24 - 00232448 _____ (Microsoft Corporation) C:\windows\system32\pssbitsadmin.exe
2014-10-01 14:26 - 2010-11-20 05:17 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\pssschtasks.exe
2014-10-01 14:26 - 2010-11-20 05:16 - 00186368 _____ (Microsoft Corporation) C:\windows\SysWOW64\pssbitsadmin.exe
2014-10-01 14:26 - 2009-07-13 18:39 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\pssnet.exe
2014-10-01 14:26 - 2009-07-13 18:39 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\psssc.exe
2014-10-01 14:26 - 2009-07-13 18:39 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\pssnetstat.exe
2014-10-01 14:26 - 2009-07-13 18:39 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\pssping.exe
2014-10-01 14:26 - 2009-07-13 18:38 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\pssat.exe
2014-10-01 14:26 - 2009-07-13 18:14 - 00046080 _____ (Microsoft Corporation) C:\windows\SysWOW64\pssnet.exe
2014-10-01 14:26 - 2009-07-13 18:14 - 00037376 _____ (Microsoft Corporation) C:\windows\SysWOW64\psssc.exe
2014-10-01 14:26 - 2009-07-13 18:14 - 00027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\pssnetstat.exe
2014-10-01 14:26 - 2009-07-13 18:14 - 00024064 _____ (Microsoft Corporation) C:\windows\SysWOW64\pssat.exe
2014-10-01 14:26 - 2009-07-13 18:14 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\pssping.exe
2014-10-01 14:00 - 2014-10-01 14:00 - 00055948 _____ C:\Users\TQNR36\Downloads\Attachments_2014101.zip
2014-09-30 10:23 - 2014-09-30 10:24 - 00000000 ____D C:\Program Files\Wireshark
2014-09-29 16:54 - 2014-09-29 16:55 - 00000000 ____D C:\Minimator
2014-09-29 09:23 - 2014-10-20 14:06 - 00024064 _____ C:\Users\TQNR36\Documents\Case Report MCAGCC 29 Palms.xls
2014-09-24 15:51 - 2014-09-24 15:51 - 00001843 _____ C:\Users\Administrator\Desktop\Cain.lnk
2014-09-24 15:41 - 2014-09-24 15:41 - 00011612 _____ C:\Users\TQNR36\Downloads\hash
2014-09-24 08:28 - 2014-09-09 15:11 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-09-24 08:28 - 2014-09-09 14:47 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-09-23 12:20 - 2014-09-23 12:36 - 00000000 ____D C:\Users\TQNR36\Documents\HackThisSite.org
2014-09-23 09:44 - 2014-09-23 09:46 - 00000000 ____D C:\Users\TQNR36\Documents\Visual Studio 2005
2014-09-23 09:42 - 2014-09-23 09:42 - 00032111 _____ C:\Users\TQNR36\Downloads\xhtml1-transitional.dtd
2014-09-23 06:33 - 2014-09-23 06:33 - 00019246 _____ C:\Users\TQNR36\Downloads\trout.zip
 
==================== One Month Modified Files and Folders =======
 
2014-10-23 18:28 - 2014-10-23 18:27 - 00023990 _____ C:\FRST.txt
2014-10-23 18:28 - 2014-06-10 13:12 - 00000912 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-287218729-725345543-1812437UA.job
2014-10-23 18:28 - 2014-02-25 15:39 - 01699814 _____ C:\windows\WindowsUpdate.log
2014-10-23 18:27 - 2014-10-23 18:27 - 00000000 ____D C:\FRST
2014-10-23 18:25 - 2014-10-23 18:26 - 00415232 _____ (Farbar) C:\FSS.exe
2014-10-23 18:18 - 2014-02-28 21:55 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-23 18:17 - 2014-10-23 17:48 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-23 18:17 - 2014-10-23 17:47 - 00000000 ____D C:\Users\TQNR36\mbar
2014-10-23 18:09 - 2014-07-22 21:09 - 00000320 _____ C:\windows\Tasks\Groovorio Updater.job
2014-10-23 18:06 - 2009-07-13 22:13 - 00792732 _____ C:\windows\system32\PerfStringBackup.INI
2014-10-23 18:03 - 2009-07-13 20:20 - 00000000 ____D C:\windows\system32\NDF
2014-10-23 17:51 - 2014-10-23 17:51 - 00000000 ____D C:\ProgramData\HitmanPro
2014-10-23 17:48 - 2014-06-20 13:55 - 00128728 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-23 17:48 - 2014-06-20 13:55 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-10-23 17:47 - 2014-02-26 10:10 - 00000000 ____D C:\Users\TQNR36
2014-10-23 17:44 - 2014-10-23 17:47 - 14349744 _____ (Malwarebytes Corp.) C:\mbar-1.07.0.1012.exe
2014-10-23 17:42 - 2014-10-23 17:47 - 11194928 _____ (SurfRight B.V.) C:\HitmanPro_x64.exe
2014-10-23 17:39 - 2014-02-25 16:02 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2014-10-23 17:34 - 2014-04-15 10:38 - 00000540 _____ C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2052111302-287218729-725345543-1812437.job
2014-10-23 15:39 - 2014-05-15 19:29 - 00000000 ___RD C:\Users\TQNR36\Virtual Machines
2014-10-23 13:28 - 2014-06-10 13:12 - 00000860 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-287218729-725345543-1812437Core.job
2014-10-23 12:43 - 2009-07-13 21:45 - 00018896 _____ C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-23 12:43 - 2009-07-13 21:45 - 00018896 _____ C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-23 12:38 - 2014-05-31 19:54 - 00000000 ____D C:\ProgramData\Origin
2014-10-23 12:35 - 2014-02-28 21:55 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-23 11:02 - 2009-07-13 22:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2014-10-23 11:02 - 2009-07-13 21:51 - 00117012 _____ C:\windows\setupact.log
2014-10-23 11:01 - 2010-12-03 16:42 - 01053878 _____ C:\windows\PFRO.log
2014-10-23 10:03 - 2014-10-02 09:27 - 00052801 _____ C:\Users\Public\cmdlocal.log
2014-10-23 10:02 - 2014-10-23 10:02 - 00000000 ____D C:\MININT
2014-10-23 08:38 - 2014-06-19 08:18 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2014-10-23 08:33 - 2014-06-20 14:20 - 00000000 ____D C:\ProgramData\AVAST Software
2014-10-23 06:00 - 2014-05-13 08:55 - 00000000 ____D C:\Users\TQNR36\Desktop\Shortcuts
2014-10-22 17:52 - 2013-10-24 12:26 - 00000000 ____D C:\windows\system32\MRT
2014-10-22 17:46 - 2014-04-15 14:53 - 00000124 _____ C:\Users\TQNR36\Desktop\29 Palms Progress.txt
2014-10-22 17:36 - 2014-02-26 10:11 - 00113880 _____ C:\Users\TQNR36\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-22 17:28 - 2009-07-13 21:45 - 00443592 _____ C:\windows\system32\FNTCACHE.DAT
2014-10-22 17:25 - 2014-05-31 20:11 - 00000000 ____D C:\Program Files (x86)\Origin Games
2014-10-22 15:58 - 2014-08-22 10:33 - 00000000 ____D C:\Program Files (x86)\Nmap
2014-10-22 15:56 - 2014-10-16 13:27 - 00137216 _____ C:\Users\TQNR36\Documents\Quantar Opto Site 2 Argos.xls
2014-10-22 14:28 - 2014-10-22 14:28 - 00000575 _____ C:\BFXmessage.txt
2014-10-22 13:03 - 2010-12-03 16:38 - 00000000 ____D C:\ProgramData\Symantec
2014-10-22 08:41 - 2014-02-26 09:57 - 00000320 _____ C:\windows\system32\config\netlogon.ftl
2014-10-21 13:23 - 2014-06-10 13:12 - 00003888 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-287218729-725345543-1812437UA
2014-10-21 13:23 - 2014-06-10 13:12 - 00003492 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-287218729-725345543-1812437Core
2014-10-21 08:38 - 2014-02-26 09:35 - 00000000 ____D C:\windows\bigfix
2014-10-20 21:45 - 2014-02-26 10:11 - 00007602 _____ C:\Users\TQNR36\AppData\Local\resmon.resmoncfg
2014-10-20 20:10 - 2014-05-31 19:54 - 00000000 ____D C:\Program Files (x86)\Origin
2014-10-20 14:06 - 2014-09-29 09:23 - 00024064 _____ C:\Users\TQNR36\Documents\Case Report MCAGCC 29 Palms.xls
2014-10-20 13:35 - 2014-10-20 13:35 - 00002841 _____ C:\Users\TQNR36\Documents\ATT Payment Processed for Account Ending in 4905.txt
2014-10-20 12:48 - 2014-10-20 12:47 - 00468512 _____ C:\windows\Minidump\102014-55130-01.dmp
2014-10-20 12:47 - 2014-04-04 11:50 - 735761809 _____ C:\windows\MEMORY.DMP
2014-10-20 12:47 - 2014-04-04 11:50 - 00000000 ____D C:\windows\Minidump
2014-10-20 11:20 - 2014-04-04 12:04 - 00000600 _____ C:\Users\TQNR36\AppData\Local\PUTTY.RND
2014-10-20 11:10 - 2014-10-20 09:12 - 00137216 _____ C:\Users\TQNR36\Documents\Quantar Opto Site 4 Noble.xls
2014-10-19 10:13 - 2014-02-28 21:55 - 00003894 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-19 10:13 - 2014-02-28 21:55 - 00003642 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 13:03 - 2014-08-14 13:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-10-17 11:52 - 2014-10-17 11:22 - 00137216 _____ C:\Users\TQNR36\Documents\Quantar Opto Site 3 Bullion.xls
2014-10-15 13:38 - 2009-07-13 20:20 - 00000000 ____D C:\windows\rescache
2014-10-15 10:49 - 2014-03-04 10:48 - 00000000 ____D C:\Users\TQNR36\Desktop\Configs
2014-10-14 08:32 - 2014-08-23 21:06 - 00000000 ____D C:\Users\TQNR36\AppData\Local\LogMeIn Hamachi
2014-10-09 14:33 - 2014-04-22 10:36 - 00022455 _____ C:\Users\TQNR36\Documents\FINANCIAL HQ.xlsx
2014-10-09 12:25 - 2014-06-10 13:16 - 00000000 ____D C:\Users\TQNR36\AppData\Roaming\Mozilla
2014-10-07 13:25 - 2014-05-11 18:55 - 00000000 ____D C:\Program Files (x86)\Steam
2014-10-07 08:50 - 2014-10-03 09:22 - 00022306 _____ C:\Users\TQNR36\Documents\FINANCIAL HQ (5).xlsx
2014-10-03 10:02 - 2010-12-03 14:15 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-02 11:02 - 2014-02-26 12:10 - 00000000 ____D C:\Users\TQNR36\Documents\My Documents Feb 2014
2014-10-01 14:24 - 2012-12-17 09:06 - 00100864 _____ C:\windows\system32\schtasks.exe
2014-10-01 14:24 - 2012-12-17 09:05 - 00100864 _____ C:\windows\SysWOW64\schtasks.exe
2014-10-01 14:24 - 2009-07-13 17:10 - 00100864 _____ C:\windows\system32\PING.EXE
2014-10-01 14:24 - 2009-07-13 17:10 - 00100864 _____ C:\windows\system32\NETSTAT.EXE
2014-10-01 14:24 - 2009-07-13 16:55 - 00100864 _____ C:\windows\SysWOW64\PING.EXE
2014-10-01 14:24 - 2009-07-13 16:55 - 00100864 _____ C:\windows\SysWOW64\NETSTAT.EXE
2014-10-01 14:24 - 2009-07-13 16:53 - 00100864 _____ C:\windows\system32\net.exe
2014-10-01 14:24 - 2009-07-13 16:53 - 00100864 _____ C:\windows\system32\at.exe
2014-10-01 14:24 - 2009-07-13 16:37 - 00100864 _____ C:\windows\SysWOW64\net.exe
2014-10-01 14:24 - 2009-07-13 16:37 - 00100864 _____ C:\windows\SysWOW64\at.exe
2014-10-01 14:24 - 2009-07-13 16:31 - 00100864 _____ C:\windows\system32\sc.exe
2014-10-01 14:24 - 2009-07-13 16:19 - 00100864 _____ C:\windows\SysWOW64\sc.exe
2014-10-01 14:00 - 2014-10-01 14:00 - 00055948 _____ C:\Users\TQNR36\Downloads\Attachments_2014101.zip
2014-09-30 11:02 - 2014-04-17 09:40 - 00000000 ____D C:\Users\TQNR36\Documents\My Received Files
2014-09-30 10:24 - 2014-09-30 10:23 - 00000000 ____D C:\Program Files\Wireshark
2014-09-29 16:55 - 2014-09-29 16:54 - 00000000 ____D C:\Minimator
2014-09-26 12:48 - 2014-06-02 15:46 - 00000000 ___RD C:\Users\TQNR36\Documents\FST Certification Course
2014-09-26 11:46 - 2014-04-15 10:38 - 00003560 _____ C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2052111302-287218729-725345543-1812437
2014-09-26 10:40 - 2014-02-25 16:02 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-09-26 10:40 - 2014-02-25 16:02 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-26 10:40 - 2014-02-25 16:02 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 15:51 - 2014-09-24 15:51 - 00001843 _____ C:\Users\Administrator\Desktop\Cain.lnk
2014-09-24 15:41 - 2014-09-24 15:41 - 00011612 _____ C:\Users\TQNR36\Downloads\hash
2014-09-23 12:36 - 2014-09-23 12:20 - 00000000 ____D C:\Users\TQNR36\Documents\HackThisSite.org
2014-09-23 09:46 - 2014-09-23 09:44 - 00000000 ____D C:\Users\TQNR36\Documents\Visual Studio 2005
2014-09-23 09:45 - 2010-12-03 16:10 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-09-23 09:43 - 2014-08-14 14:01 - 00000000 ____D C:\Users\TQNR36\Documents\Visual Studio 2010
2014-09-23 09:42 - 2014-09-23 09:42 - 00032111 _____ C:\Users\TQNR36\Downloads\xhtml1-transitional.dtd
2014-09-23 06:33 - 2014-09-23 06:33 - 00019246 _____ C:\Users\TQNR36\Downloads\trout.zip
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe
[2014-10-16 19:17] - [2014-07-16 19:07] - 0455168 ____A (Microsoft Corporation) 8CEBD9D0A0A879CDE9F36F4383B7CAEA
 
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-10-18 19:58
 
==================== End Of Log ============================

 

Farbar Service Scanner Version: 21-07-2014
Ran by  (administrator) on 23-10-2014 at 20:14:02
Running from "C:\"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
ATTENTION!=====> local policy on IP: 
Key: "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local"
Value: "ActivePolicy"
Data: "SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{89c65096-77fd-4cfd-b1fe-f0ef26edae85}"
 
 
Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.
 
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is set to Demand. The default start type is Auto.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.
 
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****

Edited by Orange Blossom, 23 October 2014 - 10:58 PM.
Moved to log forum. ~ OB


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:36 AM

Posted 28 October 2014 - 10:40 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/553112 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:36 AM

Posted 02 November 2014 - 11:45 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users