Jump to content

paulmccarthy

Members
 View Profile  See their activity

  • Posts

    9

  • Joined

  • Last visited

Reputation

0 Neutral
  1. paulmccarthy
    Hello, Thank you for taking the time to help with this. My main problem is that I have a fast laptop that's behaving very slow. Sporadic alert boxes appear saying that the system is low on memory when only browsing the web (I have 12gb of RAM). There is definitely something going on here. Here is the log file:- Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01Ran by paul (administrator) on PAULSLAPTOP on 06-03-2015 23:40:08Running from C:\Users\paul\DesktopLoaded Profiles: UpdatusUser & paul (Available profiles: UpdatusUser & paul & Guest)Platform: Windows 8 (X64) OS Language: English (United States)Internet Explorer Version 10 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe(DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\dglvrsvc.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccsvchst.exe(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16613_none_6273bd8950d6cae2\TiWorker.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe(Microsoft Corporation) C:\Windows\System32\wlanext.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccsvchst.exe(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Intel Corporation) C:\Windows\System32\igfxext.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Jing\Jing.exe(Spotify Ltd) C:\Users\paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Facebook) C:\Users\paul\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(LINE Corporation) C:\Program Files (x86)\Naver\LINE\Line.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe() C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [bTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayAppHKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2012-04-04] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)HKLM-x32\...\Run: [intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)HKLM-x32\...\Run: [blueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-10-07] (BlueStack Systems, Inc.)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)HKU\S-1-5-21-2775804174-2262364050-3693733238-1002\...\Run: [Facebook Update] => C:\Users\paul\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-09] (Facebook Inc.)HKU\S-1-5-21-2775804174-2262364050-3693733238-1002\...\Run: [Jing] => C:\Program Files (x86)\TechSmith\Jing\Jing.exe [2909640 2013-01-07] (TechSmith Corporation)HKU\S-1-5-21-2775804174-2262364050-3693733238-1002\...\Run: [spotify] => C:\Users\paul\AppData\Roaming\Spotify\Spotify.exe [6737976 2015-02-11] (Spotify Ltd)HKU\S-1-5-21-2775804174-2262364050-3693733238-1002\...\Run: [spotify Web Helper] => C:\Users\paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-02-11] (Spotify Ltd)HKU\S-1-5-21-2775804174-2262364050-3693733238-1002\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)HKU\S-1-5-21-2775804174-2262364050-3693733238-1002\...\Run: [GoToMeeting] => C:\Users\paul\AppData\Local\Citrix\GoToMeeting\1468\g2mstart.exe [40304 2014-07-12] (Citrix Online, a division of Citrix Systems, Inc.)HKU\S-1-5-21-2775804174-2262364050-3693733238-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-11-08] (Electronic Arts)HKU\S-1-5-21-2775804174-2262364050-3693733238-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23308256 2015-01-15] (Google)HKU\S-1-5-21-2775804174-2262364050-3693733238-1002\...\Run: [GoogleChromeAutoLaunch_4BC6A3A146A3475CAD0E7CF8A223408D] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-18] (Google Inc.)AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [247144 2012-10-09] (NVIDIA Corporation)AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [202600 2012-10-09] (NVIDIA Corporation)Startup: C:\Users\paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnkShortcutTarget: Facebook Messenger.lnk -> C:\Users\paul\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-2775804174-2262364050-3693733238-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung13.msn.comHKU\S-1-5-21-2775804174-2262364050-3693733238-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.comSearchScopes: HKU\S-1-5-21-2775804174-2262364050-3693733238-1002 -> DefaultScope {CF50D439-8C56-4617-ADD2-C75CCD3EB842} URL = SearchScopes: HKU\S-1-5-21-2775804174-2262364050-3693733238-1002 -> {CF50D439-8C56-4617-ADD2-C75CCD3EB842} URL = BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\coIEPlg.dll (Symantec Corporation)BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\IPS\IPSBHO.DLL (Symantec Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txtTcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox:========FF ProfilePath: C:\Users\paul\AppData\Roaming\Mozilla\Firefox\Profiles\4nty6emn.defaultFF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKU\S-1-5-21-2775804174-2262364050-3693733238-1002: @citrixonline.com/appdetectorplugin -> C:\Users\paul\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)FF Plugin HKU\S-1-5-21-2775804174-2262364050-3693733238-1002: facebook.com/fbDesktopPlugin -> C:\Users\paul\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFFF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF [2013-11-12]FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgnFF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn [2015-02-27] Chrome: =======CHR HomePage: Default -> CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No FileCHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll ()CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No FileCHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Profile: C:\Users\paul\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Drive) - C:\Users\paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-09]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]CHR Extension: (YouTube) - C:\Users\paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-09]CHR Extension: (Nanny for Google Chrome ) - C:\Users\paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\cljcgchbnolheggdgaeclffeagnnmhno [2015-02-11]CHR Extension: (Google Search) - C:\Users\paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-09]CHR Extension: (LastPass: Free Password Manager) - C:\Users\paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-08-09]CHR Extension: (Norton Identity Safe) - C:\Users\paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-01-05]CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-01-25]CHR Extension: (Google Wallet) - C:\Users\paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]CHR Extension: (Gmail) - C:\Users\paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-09]CHR HKLM\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx [2014-12-11]CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crxCHR HKU\S-1-5-21-2775804174-2262364050-3693733238-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crxCHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx [2014-12-11]CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-07] (BlueStack Systems, Inc.)R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-07] (BlueStack Systems, Inc.)R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-07] (BlueStack Systems, Inc.)R2 dglvrsvc; C:\windows\dglvrsvc.exe [30464 2014-11-21] (DEVGURU Co., LTD.(www.devguru.co.kr))R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-10-19] (Samsung Electronics CO., LTD.)R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [55120 2012-11-01] (Condusiv Technologies)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] ()R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-13] (Electronic Arts)S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130924.001\BHDrvx64.sys [1525848 2013-09-24] (Symantec Corporation)R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-07] (BlueStack Systems)S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1406000.01B\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)R3 dglvrbus; C:\Windows\System32\drivers\dglvrbus.sys [77568 2014-11-21] (DEVGURU Co., LTD.(www.devguru.co.kr))R3 dglvrkdod; C:\Windows\system32\DRIVERS\dglvrkdod.sys [37120 2014-11-21] (DEVGURU Co., LTD.(www.devguru.co.kr))R3 dglvrmflt; C:\Windows\System32\drivers\dglvrmflt.sys [18688 2014-11-21] (DEVGURU Co., LTD.(www.devguru.co.kr))R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-28] (Symantec Corporation)R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-28] (Symantec Corporation)R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20131111.002\IDSvia64.sys [521816 2013-11-06] (Symantec Corporation)R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [28496 2012-11-01] (Condusiv Technologies)R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [104272 2012-11-01] (Condusiv Technologies)S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131007.009\ENG64.SYS [126040 2013-08-30] (Symantec Corporation)S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131007.009\EX64.SYS [2099288 2013-08-30] (Symantec Corporation)S3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2012-07-26] (Microsoft Corporation)R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4309032 2012-10-10] (Intel Corporation)R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows ® Win 7 DDK provider)S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1406000.01B\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1406000.01B\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)R3 SymDS; C:\Windows\system32\drivers\NISx64\1406000.01B\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)R3 SymEFA; C:\Windows\system32\drivers\NISx64\1406000.01B\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)S4 SymELAM; C:\Windows\system32\drivers\NISx64\1406000.01B\SymELAM.sys [23448 2012-06-21] (Symantec Corporation)R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-08-10] (Symantec Corporation)R3 SymIRON; C:\Windows\system32\drivers\NISx64\1406000.01B\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1406000.01B\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)S3 SBIOSIO; \??\C:\Windows\Temp\SBIOSIO64.SYS [X]S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-06 23:40 - 2015-03-06 23:41 - 00026766 _____ () C:\Users\paul\Desktop\FRST.txt2015-03-06 23:39 - 2015-03-06 23:40 - 00000000 ____D () C:\FRST2015-03-06 23:38 - 2015-03-06 23:38 - 02092544 _____ (Farbar) C:\Users\paul\Desktop\FRST64.exe2015-03-06 23:37 - 2015-03-06 23:37 - 01132544 _____ (Farbar) C:\Users\paul\Desktop\FRST.exe2015-03-06 23:33 - 2015-03-06 23:33 - 00003136 _____ () C:\windows\System32\Tasks\Registry Optimizer2015-03-06 14:24 - 2015-03-06 14:24 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys2015-03-06 14:23 - 2015-03-06 14:23 - 00001132 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2015-03-06 14:23 - 2015-03-06 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-03-06 14:23 - 2015-03-06 14:23 - 00000000 ____D () C:\ProgramData\Malwarebytes2015-03-06 14:23 - 2015-03-06 14:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2015-03-06 14:23 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys2015-03-06 14:23 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys2015-03-06 14:23 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys2015-03-06 14:22 - 2015-03-06 14:22 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\paul\Desktop\mbam-setup-2.0.4.1028.exe2015-03-05 12:31 - 2015-03-06 16:50 - 00000000 ____D () C:\Users\paul\Desktop\membermouse2015-03-05 11:28 - 2015-03-05 11:28 - 00000903 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PaySketch.lnk2015-03-05 11:28 - 2015-03-05 11:28 - 00000891 _____ () C:\Users\Public\Desktop\PaySketch.lnk2015-03-05 11:28 - 2015-03-05 11:28 - 00000000 ____D () C:\Users\paul\AppData\Roaming\com.paysketch.application2015-03-05 11:28 - 2015-03-05 11:28 - 00000000 ____D () C:\Program Files (x86)\PaySketch2015-03-05 11:26 - 2015-03-05 11:27 - 03108465 _____ () C:\Users\paul\Desktop\PaySketch.air2015-03-02 12:31 - 2015-03-04 09:54 - 00001015 _____ () C:\Users\paul\Desktop\this year - thrive.txt2015-02-28 05:09 - 2015-03-06 23:34 - 00000580 _____ () C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2775804174-2262364050-3693733238-1002.job2015-02-25 19:58 - 2015-02-27 07:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird2015-02-24 22:25 - 2015-02-24 22:25 - 00272510 _____ () C:\Users\paul\Desktop\leads_dashboard_radu.txt2015-02-24 22:20 - 2015-02-24 22:20 - 00275079 _____ () C:\Users\paul\Desktop\leads_dashboard.txt2015-02-22 17:35 - 2015-02-22 18:51 - 00001436 _____ () C:\Users\paul\Desktop\thrive_leads_further_additions.txt2015-02-22 17:31 - 2015-02-22 17:31 - 00050602 _____ () C:\Users\paul\Desktop\_3743765.m4a2015-02-19 20:30 - 2015-02-19 20:31 - 00044196 _____ () C:\Users\paul\Desktop\clever-widgets-product-small.psd2015-02-19 20:01 - 2015-02-19 20:10 - 00000000 ____D () C:\Users\paul\Desktop\Thrive Clever Widgets2015-02-16 03:47 - 2015-02-16 04:07 - 00000000 ____D () C:\Users\paul\Desktop\Invoices2015-02-16 02:07 - 2015-02-16 02:07 - 00000210 _____ () C:\Users\paul\Downloads\download.csv2015-02-12 18:06 - 2015-02-12 18:06 - 00000047 _____ () C:\Users\paul\Desktop\tax assist details.txt2015-02-11 16:51 - 2015-02-11 17:03 - 00000000 ____D () C:\Users\paul\Desktop\assets2015-02-11 03:11 - 2015-02-11 17:05 - 00036182 _____ () C:\Users\paul\Desktop\thrive-leads_canvas.bmml2015-02-10 17:28 - 2015-02-10 17:28 - 00000606 _____ () C:\Users\paul\Desktop\thrive leads future features.txt2015-02-10 16:25 - 2015-02-10 16:25 - 00001103 _____ () C:\Users\paul\Desktop\thrive leads meeting.txt2015-02-06 01:38 - 2015-03-06 23:43 - 00000930 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job2015-02-06 01:38 - 2015-03-06 23:23 - 00000926 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-06 23:42 - 2013-08-09 01:08 - 00000000 ____D () C:\Users\paul\AppData\Roaming\Skype2015-03-06 23:33 - 2012-12-04 02:06 - 00000000 ____D () C:\ProgramData\WinClon2015-03-06 23:32 - 2012-12-04 00:58 - 01772068 _____ () C:\windows\WindowsUpdate.log2015-03-06 23:28 - 2015-01-17 08:09 - 00000000 ___RD () C:\Users\paul\Google Drive2015-03-06 23:27 - 2014-07-21 16:56 - 00000000 ____D () C:\Users\paul\AppData\Roaming\Spotify2015-03-06 23:26 - 2014-07-21 16:57 - 00000000 ____D () C:\Users\paul\AppData\Local\Spotify2015-03-06 22:53 - 2013-08-13 11:14 - 00000948 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2775804174-2262364050-3693733238-1002UA.job2015-03-06 22:02 - 2012-07-26 15:12 - 00000000 ____D () C:\windows\system32\sru2015-03-06 19:53 - 2013-08-13 11:14 - 00000926 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2775804174-2262364050-3693733238-1002Core.job2015-03-06 16:54 - 2012-07-26 14:59 - 00000000 ____D () C:\windows\CbsTemp2015-03-06 15:02 - 2013-11-25 03:45 - 00000318 _____ () C:\windows\Tasks\Registry Optimizer_DEFAULT.job2015-03-06 12:45 - 2013-11-25 03:45 - 00000000 ____D () C:\Users\paul\AppData\Roaming\FileZilla2015-03-06 09:25 - 2012-07-26 15:12 - 00000000 ____D () C:\windows\system32\NDF2015-03-05 14:57 - 2015-01-16 22:51 - 00000000 ____D () C:\Users\paul\AppData\Local\Windows Live2015-03-04 21:45 - 2013-11-25 03:45 - 00000326 _____ () C:\windows\Tasks\Registry Optimizer_UPDATES.job2015-03-02 09:22 - 2012-07-26 14:28 - 00848230 _____ () C:\windows\system32\PerfStringBackup.INI2015-02-28 05:09 - 2014-03-25 16:06 - 00003584 _____ () C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2775804174-2262364050-3693733238-10022015-02-27 22:52 - 2014-07-22 03:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2015-02-27 22:52 - 2012-07-26 14:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT2015-02-22 00:03 - 2012-07-26 12:26 - 00262144 ___SH () C:\windows\system32\config\ELAM2015-02-20 01:46 - 2013-08-09 00:45 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2015-02-17 20:39 - 2015-01-17 02:33 - 00001077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk2015-02-17 20:39 - 2015-01-17 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE2015-02-16 03:34 - 2012-12-04 01:59 - 00000000 ____D () C:\ProgramData\Adobe2015-02-16 03:19 - 2014-07-07 03:13 - 00000000 ____D () C:\Users\paul\AppData\Local\Adobe2015-02-16 03:19 - 2013-08-08 23:19 - 00000000 ____D () C:\Users\paul\AppData\Roaming\Adobe2015-02-14 02:43 - 2013-08-22 15:08 - 00000000 ____D () C:\Users\paul\AppData\Local\TSVNCache2015-02-13 03:21 - 2014-11-08 09:18 - 00000000 ____D () C:\Program Files (x86)\Origin2015-02-11 03:13 - 2013-08-20 12:02 - 00000000 ____D () C:\Users\paul\Desktop\Work2015-02-08 00:27 - 2012-07-26 15:12 - 00000000 ____D () C:\windows\AUInstallAgent2015-02-06 01:38 - 2013-08-09 00:45 - 00003902 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA2015-02-06 01:38 - 2013-08-09 00:45 - 00003666 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore ==================== Files in the root of some directories ======= 2013-08-08 23:19 - 2013-09-28 02:38 - 0002755 _____ () C:\Users\paul\AppData\Roaming\AbsoluteReminder.xml2013-12-02 07:59 - 2015-01-19 23:45 - 0000600 _____ () C:\Users\paul\AppData\Local\PUTTY.RND2012-12-04 02:11 - 2012-08-08 11:07 - 2258432 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe2012-12-04 02:11 - 2012-08-07 17:11 - 0003196 _____ () C:\ProgramData\MakeMarkerFile.xml Files to move or delete:====================C:\ProgramData\MakeMarkerFile.exeC:\Users\EasySurvey\EasySurvey.exe Some content of TEMP:====================C:\Users\paul\AppData\Local\Temp\i4jdel0.exeC:\Users\paul\AppData\Local\Temp\restarter241210232408057410.exeC:\Users\paul\AppData\Local\Temp\restarter3115759491703456231.exeC:\Users\paul\AppData\Local\Temp\restarter3467548738018000141.exeC:\Users\paul\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-03 12:04 ==================== End Of Log ============================ Thanks in advance,Paul
  2. paulmccarthy
    Hello MrC, Thanks for the instructions. Please find attached latest log file. Best Regards, Paul adwclearner log file.txt
  3. paulmccarthy
    Hi MrC, Thanks again for the instructions, please find attached the report. Best Regards, Paul AdwCleanerR1.txt
  4. paulmccarthy
    Hello MrC, Thanks for letting me know about the rogue site. It appears that the reason I couldn't download the application from the main site is because I am currently in Romania and my IP appears to be blocked. Please find attached the log file for this latest scan. Best Regards, Paul combofixlog.txt
  5. paulmccarthy
    Hi MrC, Is this the same software : http://www.combofix.org/ I ask because I've tried to download combofix from the link you suggested for about two hours now and the server has been down the whole time. Best Regards, Paul
  6. paulmccarthy
    Thanks for the instructions. Please find a zip file of my logs attached. Best Regards, Paul TDSSKiller.2.8.15.0_07.11.2012_21.46.49_log.zip
  7. paulmccarthy
    OK please find log attached. Best Regards, Paul RKreport1_S_11072012_02d1913.txt
  8. paulmccarthy
    Hello MrC, OK, I've just uninstalled uTorrent. Best Regards, Paul
  9. paulmccarthy
    Hello - I bought a new laptop for my other half a few months ago and now the computer won't even react on booting up. Apparently she's a bit of a torrent user - which sounds like the likely cause. I've attached the files as requested, would someone mind having a look for me and giving me some advice? Thanks in advance, Paul attach.txt dds.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.