Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Ads playing audio from "Name not Available" application, Can't remove it, help!


  • This topic is locked This topic is locked
8 replies to this topic

#1 MrSoffish

MrSoffish

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:14 AM

Posted 16 April 2015 - 10:27 AM

So I believe my computer is infected with some Malware. I recently had "Coupoon" on my Google Chrome which I was able to remove using MalwareByes and MBAR, however in my Volume mixer, there is an unkown Application called "Name not Available" which is playing ads. Malwarebyes and MBAR haven't been able to find and remove it. I've tried a few things but with no luck. Here are my logs. If you need more information I will be glad to provide it, thanks!

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-04-2015 04
Ran by Toshiba (administrator) on SI-UNI-2754 on 17-04-2015 01:16:28
Running from C:\Users\Toshiba\Downloads
Loaded Profiles: Toshiba &  (Available profiles: Toshiba)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(                                                                                                    ) C:\Windows\Temp\mrt7FFD.tmp\stdrt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Flux Software LLC) C:\Users\Toshiba\AppData\Local\FluxSoftware\Flux\flux.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
() C:\Program Files\TOSHIBA\Hotkey\Hotkey\TCrdKBB.exe
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Malwarebytes Corporation) C:\Users\Toshiba\Desktop\mbar\mbar.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Alexander Roshal) C:\Program Files (x86)\WinRAR\WinRAR.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-21] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-04-18] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-02-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-24] (TOSHIBA)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2832787055-2137322991-2927137475-1001\...\Run: [f.lux] => C:\Users\Toshiba\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-2832787055-2137322991-2927137475-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2832787055-2137322991-2927137475-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2832787055-2137322991-2927137475-1001\...\MountPoints2: {b9e8f79f-4849-11e4-826c-7c7a91be2ec6} - "F:\setup.exe" 
HKU\S-1-5-21-2832787055-2137322991-2927137475-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [f.lux] => C:\Users\Toshiba\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-2832787055-2137322991-2927137475-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2832787055-2137322991-2927137475-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2832787055-2137322991-2927137475-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b9e8f79f-4849-11e4-826c-7c7a91be2ec6} - "F:\setup.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2014 Fast Start.lnk
ShortcutTarget: SolidWorks 2014 Fast Start.lnk -> C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk
ShortcutTarget: SolidWorks Background Downloader.lnk -> C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
Startup: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-2832787055-2137322991-2927137475-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TAJB
HKU\S-1-5-21-2832787055-2137322991-2927137475-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TAJB
HKU\S-1-5-21-2832787055-2137322991-2927137475-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.mytoshiba.com.au/start
HKU\S-1-5-21-2832787055-2137322991-2927137475-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.mytoshiba.com.au/start
HKU\S-1-5-21-2832787055-2137322991-2927137475-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TAJB
HKU\S-1-5-21-2832787055-2137322991-2927137475-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TAJB
HKU\S-1-5-21-2832787055-2137322991-2927137475-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.mytoshiba.com.au/start
HKU\S-1-5-21-2832787055-2137322991-2927137475-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.mytoshiba.com.au/start
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Winsock: Catalog5 09 C:\Windows\SysWOW64\wlidNSP.dll [50176] (Microsoft Corporation)
Winsock: Catalog5 10 C:\Windows\SysWOW64\wlidNSP.dll [50176] (Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\Windows\system32\wlidnsp.dll [74240] (Microsoft Corporation)
Winsock: Catalog5-x64 10 C:\Windows\system32\wlidnsp.dll [74240] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
 
FireFox:
========
FF ProfilePath: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\uz9sb2j2.default
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Homepage: hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=en-au
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-13] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\uz9sb2j2.default\Extensions\bingsearch.full@microsoft.com [2015-03-30]
FF Extension: Cookies Manager+ - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\uz9sb2j2.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2015-01-31]
FF Extension: ExHentai Easy 2 - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\uz9sb2j2.default\Extensions\jid1-7NbXi2AqS1oUFw@jetpack.xpi [2015-01-31]
 
Chrome: 
=======
CHR Profile: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-25]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-10-21]
CHR Extension: (Google Docs) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-25]
CHR Extension: (Google Drive) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-25]
CHR Extension: (YouTube) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-25]
CHR Extension: (Google Search) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-25]
CHR Extension: (Google Sheets) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-25]
CHR Extension: (EditThisCookie) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2015-01-31]
CHR Extension: (Web Timer) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggnjbdfgigejghknieofeahaknkjafim [2014-10-21]
CHR Extension: (AdBlock) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-25]
CHR Extension: (Bookmark Manager) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-01-31]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-09-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Ghostery) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-11-05]
CHR Extension: (Google Wallet) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-25]
CHR Extension: (Click&Clean App) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-10-21]
CHR Extension: (Gmail) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Adobe Licensing Console; C:\Windows\SysWOW64\lnsecsl.exe [1202396 2015-04-15] (                                                                                                    ) [File not signed] <==== ATTENTION
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-17] (TODO: <Company name>) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319888 2014-12-31] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4362056 2014-11-18] (Symantec Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-10-30] (SolidWorks) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)
S2 slfhyizrqi32; C:\Program Files\015\slfhyizrqi32.exe run -SOURCE=10 options=10001010150000000000000000000000 source=10 stdout=reg:HKEY_LOCAL_MACHINE,Software\\MIA,MIA_ERROR  [X]
S3 Steam Client Service; "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-30] (Disc Soft Ltd)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-19] (Intel Corporation)
R3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-04-17] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3433952 2014-02-19] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-19] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [293592 2014-02-12] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-22] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-11-01] (Windows ® Win 7 DDK provider)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-06-23] (TuneUp Software)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-17 01:16 - 2015-04-17 01:16 - 00025474 _____ () C:\Users\Toshiba\Downloads\FRST.txt
2015-04-17 01:12 - 2015-04-17 01:12 - 00000000 ____D () C:\Users\Toshiba\Downloads\South Park
2015-04-17 01:11 - 2015-04-17 01:15 - 00000000 ____D () C:\Users\Toshiba\Downloads\The Walking Dead
2015-04-17 01:06 - 2015-04-17 01:07 - 00000000 ____D () C:\Users\Toshiba\Downloads\The Office
2015-04-17 00:43 - 2015-04-17 01:16 - 00000000 ____D () C:\FRST
2015-04-17 00:42 - 2015-04-17 00:42 - 02097664 _____ (Farbar) C:\Users\Toshiba\Desktop\FRST64.exe
2015-04-17 00:21 - 2015-04-17 00:21 - 00000758 _____ () C:\Users\Toshiba\Desktop\JRT.txt
2015-04-17 00:13 - 2015-04-17 00:13 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-SI-UNI-2754-Windows-8.1-(64-bit).dat
2015-04-17 00:13 - 2015-04-17 00:13 - 00000000 ____D () C:\RegBackup
2015-04-17 00:08 - 2015-04-17 00:10 - 00000000 ____D () C:\AdwCleaner
2015-04-17 00:04 - 2015-04-17 00:04 - 02686088 _____ (Thisisu) C:\Users\Toshiba\Desktop\JRT.exe
2015-04-17 00:04 - 2015-04-17 00:04 - 02217984 _____ () C:\Users\Toshiba\Desktop\adwcleaner_4.201.exe
2015-04-16 23:24 - 2015-04-17 00:40 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-16 23:21 - 2015-04-17 00:03 - 00000000 ____D () C:\Users\Toshiba\Desktop\mbar
2015-04-16 23:20 - 2015-04-16 23:20 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Toshiba\Downloads\mbar-1.09.1.1004.exe
2015-04-16 23:07 - 2015-04-16 23:07 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Toshiba\Downloads\tdsskiller.exe
2015-04-16 02:35 - 2015-04-16 02:35 - 05930318 _____ () C:\Users\Toshiba\Downloads\Two-Siblings.zip
2015-04-15 19:15 - 2015-04-15 19:15 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\openvr
2015-04-15 17:26 - 2015-04-15 17:26 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 16:39 - 2015-04-15 16:39 - 00000805 _____ () C:\Windows\SysWOW64\soft.exe
2015-04-15 16:35 - 2015-03-24 07:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 16:35 - 2015-03-24 07:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 16:35 - 2015-03-24 07:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-15 16:35 - 2015-03-24 07:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 16:35 - 2015-03-24 07:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-15 16:35 - 2015-03-20 14:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-15 16:35 - 2015-03-20 14:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 16:35 - 2015-03-20 14:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 16:35 - 2015-03-20 13:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-15 16:35 - 2015-03-20 12:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-15 16:35 - 2015-03-20 12:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-15 16:35 - 2015-03-20 12:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-15 16:35 - 2015-03-14 18:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-15 16:35 - 2015-03-14 18:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-15 16:35 - 2015-03-13 14:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 16:35 - 2015-03-13 14:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 16:35 - 2015-03-13 14:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 16:35 - 2015-03-13 13:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 16:35 - 2015-03-13 13:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 16:35 - 2015-03-13 13:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 16:35 - 2015-03-13 13:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 16:35 - 2015-03-13 13:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 16:35 - 2015-03-13 13:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 16:35 - 2015-03-13 13:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-15 16:35 - 2015-03-13 13:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-15 16:35 - 2015-03-13 13:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 16:35 - 2015-03-13 13:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 16:35 - 2015-03-13 13:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 16:35 - 2015-03-13 12:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-15 16:35 - 2015-03-13 12:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-15 16:35 - 2015-03-13 12:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 16:35 - 2015-03-13 12:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 16:35 - 2015-03-13 12:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 16:35 - 2015-03-13 12:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-15 16:35 - 2015-03-13 12:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 16:35 - 2015-03-13 12:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 16:35 - 2015-03-13 12:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 16:35 - 2015-03-13 12:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 16:35 - 2015-03-13 12:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 16:35 - 2015-03-13 12:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 16:35 - 2015-02-21 09:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-15 16:34 - 2015-03-23 08:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 16:34 - 2015-03-23 08:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 16:34 - 2015-03-23 08:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 16:34 - 2015-03-23 08:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 16:34 - 2015-03-23 08:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 16:34 - 2015-03-23 08:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 16:34 - 2015-03-23 08:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 16:34 - 2015-03-14 18:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 16:34 - 2015-03-14 11:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 16:34 - 2015-03-14 11:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 16:34 - 2015-03-14 11:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 16:34 - 2015-03-14 11:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 16:34 - 2015-03-14 11:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 16:34 - 2015-03-14 10:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 16:34 - 2015-03-14 10:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 16:34 - 2015-03-14 10:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 16:34 - 2015-03-14 10:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-04-15 16:34 - 2015-03-14 10:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-04-15 16:34 - 2015-03-14 10:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 16:34 - 2015-03-14 10:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 16:34 - 2015-03-14 10:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 16:34 - 2015-03-14 10:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 16:34 - 2015-03-14 10:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 16:34 - 2015-03-14 09:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 16:34 - 2015-03-14 09:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 16:34 - 2015-03-04 20:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-15 16:34 - 2015-03-04 13:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 16:34 - 2015-03-04 12:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 16:34 - 2015-02-24 18:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 16:34 - 2014-12-03 09:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 13:40 - 2015-04-15 13:40 - 00000000 ____D () C:\Users\Toshiba\Tracing
2015-04-15 13:38 - 2015-04-17 00:31 - 00000105 _____ () C:\Windows\SysWOW64\get.dat
2015-04-15 13:35 - 2015-04-15 13:35 - 00000000 _____ () C:\Windows\SysWOW64\x64.txt
2015-04-15 13:29 - 2015-04-15 13:29 - 01202396 _____ ( ) C:\Windows\SysWOW64\lnsecsl.exe
2015-04-15 13:23 - 2015-04-17 00:52 - 00000000 ____D () C:\ProgramData\{3bef08e0-4997-b04c-3bef-f08e04992381}
2015-04-15 13:23 - 2015-04-15 13:23 - 00003994 _____ () C:\Windows\System32\Tasks\LaunchPreSignup
2015-04-15 13:23 - 2015-04-15 13:23 - 00000000 ____D () C:\Program Files (x86)\app_setup
2015-04-15 13:22 - 2015-04-15 13:22 - 00001335 _____ () C:\Users\Toshiba\Desktop\Continue installation .lnk
2015-04-13 03:57 - 2015-04-13 03:57 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\SolidWorks
2015-04-10 19:21 - 2015-04-10 19:21 - 00000144 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-04-10 00:00 - 2015-04-10 00:00 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\AMD
2015-04-04 22:59 - 2015-04-04 23:01 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 22:59 - 2015-04-04 22:59 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-03 00:15 - 2015-04-03 00:15 - 00000451 _____ () C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-03-31 16:52 - 2015-03-31 16:52 - 00000000 ____D () C:\Users\Toshiba\Documents\Electronic Arts
2015-03-30 13:42 - 2015-03-30 13:42 - 02075308 _____ () C:\Users\Toshiba\Desktop\mum.dib
2015-03-26 12:16 - 2015-03-26 12:16 - 00001330 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2014b.lnk
2015-03-26 12:16 - 2015-03-26 12:16 - 00001318 _____ () C:\Users\Public\Desktop\MATLAB R2014b.lnk
2015-03-26 12:16 - 2015-03-26 12:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
2015-03-26 12:15 - 2015-03-26 12:15 - 00000000 ____D () C:\ProgramData\MathWorks
2015-03-26 12:14 - 2015-04-17 00:35 - 00000574 _____ () C:\Windows\Tasks\MATLAB R2014b Startup Accelerator.job
2015-03-26 12:14 - 2015-03-26 12:14 - 00003742 _____ () C:\Windows\System32\Tasks\MATLAB R2014b Startup Accelerator
2015-03-26 11:03 - 2015-03-26 11:03 - 00000000 ____D () C:\Program Files\MATLAB
2015-03-23 19:30 - 2015-03-23 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2015-03-23 19:30 - 2015-03-23 19:30 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2015-03-23 19:29 - 2015-03-31 16:52 - 00029583 _____ () C:\Windows\DirectX.log
2015-03-19 10:11 - 2015-03-19 10:11 - 904769573 _____ () C:\Windows\MEMORY.DMP
2015-03-19 10:11 - 2015-03-19 10:11 - 00284904 _____ () C:\Windows\Minidump\031915-43687-01.dmp
2015-03-19 10:11 - 2015-03-19 10:11 - 00000000 ____D () C:\Windows\Minidump
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-17 01:15 - 2015-02-04 03:34 - 01846143 _____ () C:\Windows\WindowsUpdate.log
2015-04-17 01:05 - 2015-02-16 11:10 - 00000000 ____D () C:\Users\Toshiba\Downloads\Nadia
2015-04-17 01:02 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-17 00:51 - 2015-01-06 11:04 - 00004992 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for SI-UNI-2754-Toshiba SI-UNI-2754
2015-04-17 00:51 - 2014-09-25 17:56 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-17 00:39 - 2014-12-17 11:49 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-17 00:39 - 2014-12-17 11:47 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-17 00:36 - 2014-04-08 19:41 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-17 00:34 - 2014-09-24 14:53 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2832787055-2137322991-2927137475-1001
2015-04-17 00:33 - 2014-10-06 11:22 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\Skype
2015-04-17 00:33 - 2014-05-27 02:13 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-04-17 00:31 - 2014-09-25 17:56 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\Deployment
2015-04-17 00:30 - 2014-09-25 18:40 - 00000000 ___DO () C:\Users\Toshiba\OneDrive
2015-04-17 00:29 - 2015-02-09 12:02 - 00029163 _____ () C:\Windows\setupact.log
2015-04-17 00:29 - 2014-09-25 17:56 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-17 00:29 - 2013-08-23 00:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-17 00:28 - 2015-03-07 23:01 - 00523488 _____ () C:\Windows\PFRO.log
2015-04-17 00:28 - 2014-05-27 02:12 - 00000000 ____D () C:\ProgramData\Norton
2015-04-17 00:26 - 2013-08-23 01:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-04-17 00:26 - 2013-08-22 23:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-04-17 00:10 - 2013-08-22 23:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-04-16 23:13 - 2013-08-23 00:44 - 00526816 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-16 22:56 - 2013-08-23 01:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-04-16 22:45 - 2014-09-24 14:46 - 00000000 ____D () C:\Users\Toshiba
2015-04-16 17:08 - 2013-08-23 01:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-16 17:07 - 2014-10-16 00:42 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\vlc
2015-04-16 01:05 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-04-15 21:54 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\WinStore
2015-04-15 19:21 - 2014-09-25 18:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-15 19:19 - 2014-10-06 16:23 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\Battle.net
2015-04-15 19:19 - 2014-10-06 16:23 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-04-15 19:18 - 2015-02-13 15:41 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-04-15 17:26 - 2015-03-12 13:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 17:13 - 2014-09-26 07:16 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 17:08 - 2014-09-26 07:16 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 16:37 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\Web
2015-04-15 16:34 - 2014-11-12 11:34 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-04-15 13:39 - 2014-10-06 11:21 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-15 13:39 - 2014-10-06 11:21 - 00000000 ____D () C:\ProgramData\Skype
2015-04-15 10:53 - 2014-09-25 17:58 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-14 09:24 - 2015-03-12 17:00 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 09:24 - 2015-03-12 17:00 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-13 19:31 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-13 12:41 - 2014-05-27 01:32 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-13 03:57 - 2014-10-30 13:59 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\SolidWorks
2015-04-13 01:40 - 2014-10-24 11:17 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\CrashDumps
2015-04-05 11:04 - 2015-03-16 14:34 - 00000000 ____D () C:\Users\Toshiba\Documents\SimCity 4
2015-03-30 23:43 - 2015-03-17 00:53 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-30 14:21 - 2014-09-24 14:47 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\Packages
2015-03-30 13:41 - 2014-10-07 17:19 - 00000000 ____D () C:\Users\Toshiba\Documents\My Games
2015-03-30 12:02 - 2014-10-08 14:21 - 00000024 _____ () C:\Users\Toshiba\random.dat
2015-03-30 11:46 - 2014-10-08 14:21 - 00000046 _____ () C:\Users\Toshiba\jagex_cl_oldschool_LIVE.dat
2015-03-24 18:27 - 2014-10-24 20:27 - 00000000 ____D () C:\Users\Toshiba\Documents\Klei
 
==================== Files in the root of some directories =======
 
2015-03-05 21:54 - 2015-03-05 21:54 - 0004608 _____ () C:\Users\Toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-27 01:36 - 2014-05-27 01:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Files to move or delete:
====================
C:\Users\Toshiba\jagex_cl_oldschool_LIVE.dat
C:\Users\Toshiba\random.dat
 
 
Some content of TEMP:
====================
C:\Users\Toshiba\AppData\Local\Temp\130735870601595559.exe
C:\Users\Toshiba\AppData\Local\Temp\13073587064919963575.exe
C:\Users\Toshiba\AppData\Local\Temp\Argentina Me Gusta Account Gen Downloader__3687_i1498212693_il679456.exe
C:\Users\Toshiba\AppData\Local\Temp\ASIns.exe
C:\Users\Toshiba\AppData\Local\Temp\AutoRun.exe
C:\Users\Toshiba\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Toshiba\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Toshiba\AppData\Local\Temp\MYPCBU.exe
C:\Users\Toshiba\AppData\Local\Temp\OK_V17_10_SENTRA_4.exe
C:\Users\Toshiba\AppData\Local\Temp\proxy_vole2132855067728551042.dll
C:\Users\Toshiba\AppData\Local\Temp\Quarantine.exe
C:\Users\Toshiba\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Toshiba\AppData\Local\Temp\sqlite3.dll
C:\Users\Toshiba\AppData\Local\Temp\SRLDetectionLibrary3804646202019199087.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-10 03:19
 
==================== End Of Log ============================

Attached Files



BC AdBot (Login to Remove)

 


#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:07:14 PM

Posted 19 April 2015 - 03:38 PM

Hello and welcome to Bleeping Computer.

Please do the following:

Download attached fixlist.txt file and save it to the Downloads folder.

Attached File  FixList.txt   665bytes   2 downloads

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 MrSoffish

MrSoffish
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:14 AM

Posted 19 April 2015 - 05:12 PM

Hello! Thank you for taking the time to get back to me. I did what you said, which required a restart. Once my computer had rebooted I noticed the unknown sound file playing ads had disappeared! here is the log report 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-04-2015 01
Ran by Toshiba at 2015-04-20 08:02:31 Run:1
Running from C:\Users\Toshiba\Downloads
Loaded Profiles: Toshiba (Available profiles: Toshiba)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
(                                                                                                    ) C:\Windows\Temp\mrt7FFD.tmp\stdrt.exe
HKLM\...\Run: [] => [X]
S2 Adobe Licensing Console; C:\Windows\SysWOW64\lnsecsl.exe [1202396 2015-04-15] (                                                                                                    ) [File not signed] <==== ATTENTION
C:\Windows\SysWOW64\lnsecsl.exe
S2 slfhyizrqi32; C:\Program Files\015\slfhyizrqi32.exe run -SOURCE=10 options=10001010150000000000000000000000 source=10 stdout=reg:HKEY_LOCAL_MACHINE,Software\\MIA,MIA_ERROR  [X]
C:\Program Files\015\slfhyizrqi32.exe
EmptyTemp:
end
 
 
*****************
 
C:\Windows\Temp\mrt7FFD.tmp\stdrt.exe => No running process found
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
Adobe Licensing Console => Service deleted successfully.
Could not move "C:\Windows\SysWOW64\lnsecsl.exe" => Scheduled to move on reboot.
slfhyizrqi32 => Service deleted successfully.
"C:\Program Files\015\slfhyizrqi32.exe" => File/Directory not found.
EmptyTemp: => Removed 2.6 GB temporary data.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-04-20 08:06:19)<=
 
C:\Windows\SysWOW64\lnsecsl.exe => Is moved successfully.
 
==== End of Fixlog 08:06:19 ====


#4 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:07:14 PM

Posted 20 April 2015 - 07:16 AM

That's good news, let's sweep for leftovers

Open Malwarebytes AntiMalware (MBAM):

• On the Settings tab > Detection and Protection subtab, Detection Options, tick the box 'Scan for rootkits'.
• Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
• A Threat Scan will begin.
• With some infections, you may see this message box.
○ 'Could not load DDA driver'
• Click 'Yes' to this message, to allow the driver to load after a restart.
• Allow the computer to restart. Continue with the rest of these instructions.
• When the scan is complete, click Apply Actions.
• Wait for the prompt to restart the computer to appear, then click on Yes.

Attach the resulting log.

• Open MBAM once more.
• Click on the History tab > Application Logs.
• Double click on the scan log which shows the Date and time of the scan just performed.
• Click 'Export' > Click 'Text file (*.txt)'
• In the Save File dialog box which appears, click on Desktop.
• In the File name: box type a name for your scan log.
• A message box named 'File Saved' should appear stating "Your file has been successfully exported" > Click Ok
• Attach that saved log to your next reply.

NEXT

Download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Scan
  • If items are found, please select the Cleaning button
  • Once done it will ask to reboot, allow the reboot
  • On reboot a log will be produced, please attach the content of the log to your next reply
Please advise how the computer is running now and if there are any outstanding issues.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#5 MrSoffish

MrSoffish
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:14 AM

Posted 20 April 2015 - 09:26 AM

Hello again!

 

So I ran a threat scan on MBAM after changing the settings to scan for rootkits, the scan came up empty with no threats, I'll attach the log to this reply.

 

I also downloaded AdwCleaner and scanned, and again it came up with nothing. I was unsure what to do here so I just clicked Clean anyway. my computer rebooted and the log for AdwCleaner appeared, it doesn't show anything but I will include it. Unless I used AdwCleaner wrong somehow...

 

As to how much computer is running now, it's running very smoothly, the unkown ad application hasn't appeared once, and my daily scans on MBAM haven't picked up anything either.

 

Here's the log I received for AdwCleaner:

 

# AdwCleaner v4.201 - Logfile created 21/04/2015 at 00:17:38
# Updated 08/04/2015 by Xplode
# Database : 2015-04-19.4 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Toshiba - SI-UNI-2754
# Running from : C:\Users\Toshiba\Desktop\adwcleaner_4.201.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Mozilla Firefox v35.0.1 (x86 en-US)
 
 
-\\ Google Chrome v42.0.2311.90
 
 
*************************
 
AdwCleaner[R0].txt - [1343 bytes] - [17/04/2015 00:08:47]
AdwCleaner[R1].txt - [896 bytes] - [20/04/2015 23:30:28]
AdwCleaner[R2].txt - [954 bytes] - [20/04/2015 23:39:51]
AdwCleaner[R3].txt - [1012 bytes] - [20/04/2015 23:45:34]
AdwCleaner[S0].txt - [1423 bytes] - [17/04/2015 00:10:05]
AdwCleaner[S1].txt - [939 bytes] - [21/04/2015 00:17:38]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [997  bytes] ##########
 

 

Attached Files



#6 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:07:14 PM

Posted 20 April 2015 - 10:38 AM

looks good, now we can clean up our tools:


You can delete the FRST logs and program from your desktop.


NEXT
  • Double click on adwcleaner.exe to run the tool.
  • Click on Uninstall.
  • Confirm with yes.
If there are any logs/tools remaining on your desktop > right click and delete them.


NEXT


Below I have included a number of recommendations for how to protect your computer against malware infections.
  • It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article
    Strong passwords: How to create and use them Then consider a password keeper, to keep all your passwords safe. KeePass is a small utility that allows you to manage all your passwords.
  • Keep Windows updated by regularly checking their website at :
    http://windowsupdate.microsoft.com/
    This will ensure your computer has always the latest security updates available installed on your computer.
  • Make Internet Explorer more secure
    • Click Start > Run
    • Type Inetcpl.cpl & click OK
    • Click on the Security tab
    • Click Reset all zones to default level
    • Make sure the Internet Zone is selected & Click Custom level
    • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    • Next Click OK, then Apply button and then OK to exit the Internet Properties page.
  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    • Green to go
    • Yellow for caution
    • Red to stop
    WOT has an addon available for Chrome, Firefox and IE
  • AdblockPlus
    • AdblockPlus, Surf the web without annoying ads!
    • Blocks banners, pop-ups and video ads - even on Facebook and YouTube
    • Protects your online privacy
    • Two-click installation, It's free!
    • click the icon that corresponds to your browser and download.
  • Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.
  • In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at these well written articles:
    PC Safety and Security--What Do I Need?.
  • Simple and easy ways to keep your computer safe and secure on the Internet
Thank you for your patience, and performing all of the procedures requested.

Please respond one last time so we can consider the thread resolved and close it, thank-you.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#7 MrSoffish

MrSoffish
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:14 AM

Posted 20 April 2015 - 11:35 AM

I've deleted all the logs and programs we used. Some of the programs you recommended I already have likeAdblock, but WOT is new to me so thank you very much!

 

I'd just like to add, that Bleepingcomputers has been an outstanding help to me these past few days and I will be sure to recommend you anyone I know with malware and virus issues, I will also be sure to donate towards Bleepingcomputers and again, thank you SO much you guys are very helpful and professional!

 

Keep on doing what you guys do! 



#8 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:07:14 PM

Posted 20 April 2015 - 03:23 PM

you are welcome

stay safe :hello:

~CB

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#9 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:07:14 PM

Posted 20 April 2015 - 03:24 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users