I am new here. I don't know if this is the right forum to post this. When I use the Bitdefender online scanner I get this: "Your system is infected with Trojan.Heur.FU.pyW@aac2YAn", and it won't disinfect it. Please help me remove this.
Hello
Welcome to the forums!
Please go to one of these locations to retrieve the QuickScan log:
C:\Users\[user]\AppData\Roaming\QuickScan - on Windows Vista/7
C:\Documents and Settings\[user]\Application Data\QuickScan – on Windows XP.
Please follow the steps below in order to be able to see that folder:
[how to DISPLAY HIDDEN OBJECTS]
- go to your "Control Panel" and open "Folder Options";
- then go to the "View" tab and perform the changes listed below:
* check "Display contents of system folders"
* check "Show hidden files and folders"
* uncheck "Hide file extensions for known file types"
* uncheck "Hide protected operating system files"
- click "Apply" and then "OK" to exit.
NOTE: On Microsoft Windows Vista you will apply the same steps except for selecting "Display contents of system folders".
For more information you can read the following article:
http://kb.bitdefender.com/KB354-en--Reveal...em-folders.html
Post here the content of that scan log.
Take care.
QuickScan 32-bit v0.9.9.115
---------------------------
Scan date: Tue Jun 12 04:04:24 2012
Machine ID: 185A783C
Found 1 infected file!
----------------------
C:\Users\TheUnknown\AppData\Roaming\Mozilla\Firefox\Profiles\pbbhepbw.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\dtUser.exe --> Trojan.Heur.FU.pyW@aac2YAn
Processes
---------
(verified) Anti-phishing Domain Advisor 2856 C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
(verified) Avira Free Antivirus 2884 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(verified) Avira Free Antivirus 1084 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(verified) Avira Free Antivirus 1516 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(verified) Bing Bar 1656 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(verified) Google Chrome 728 C:\Users\TheUnknown\AppData\Local\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 2044 C:\Users\TheUnknown\AppData\Local\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 2256 C:\Users\TheUnknown\AppData\Local\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 2612 C:\Users\TheUnknown\AppData\Local\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 2660 C:\Users\TheUnknown\AppData\Local\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 2720 C:\Users\TheUnknown\AppData\Local\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 3320 C:\Users\TheUnknown\AppData\Local\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 3792 C:\Users\TheUnknown\AppData\Local\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 3808 C:\Users\TheUnknown\AppData\Local\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 3856 C:\Users\TheUnknown\AppData\Local\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 4920 C:\Users\TheUnknown\AppData\Local\Google\Chrome\Application\chrome.exe
(verified) Hamachi Client 2088 C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(verified) Kaspersky Security Scan 2024 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(verified) Kaspersky Security Scan 2388 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(verified) Microsoft® Windows® Operating System 3592 C:\Windows\SysWOW64\rundll32.exe
(verified) NVIDIA Update Components 2512 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(verified) PnkBstrA.exe 1240 C:\Windows\SysWOW64\PnkBstrA.exe
(verified) Steam 2380 C:\Program Files (x86)\Steam\Steam.exe
(verified) Stereo Vision Control Panel API Server 848 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
Network activity
----------------
Process chrome.exe (2256) connected on port 5222 (XMPP/Jabber) --> 209.85.225.125
Process chrome.exe (2256) connected on port 80 (HTTP) --> 74.125.225.73
Process chrome.exe (2256) connected on port 80 (HTTP) --> 63.85.36.43
Process chrome.exe (2256) connected on port 80 (HTTP) --> 63.84.95.51
Process chrome.exe (2256) connected on port 80 (HTTP) --> 74.125.225.91
Process chrome.exe (2256) connected on port 80 (HTTP) --> 63.85.36.50
Process chrome.exe (2256) connected on port 80 (HTTP) --> 74.125.225.77
Process chrome.exe (2256) connected on port 443 (HTTP over SSL) --> 74.125.225.70
Process chrome.exe (2256) connected on port 80 (HTTP) --> 23.60.124.20
Process chrome.exe (2256) connected on port 443 (HTTP over SSL) --> 74.125.225.79
Process chrome.exe (2256) connected on port 80 (HTTP) --> 74.125.225.70
Process chrome.exe (2256) connected on port 80 (HTTP) --> 208.71.125.52
Process chrome.exe (2256) connected on port 80 (HTTP) --> 23.60.144.74
Process chrome.exe (2256) connected on port 80 (HTTP) --> 69.80.196.159
Process chrome.exe (2256) connected on port 80 (HTTP) --> 23.60.127.144
Process chrome.exe (2256) connected on port 80 (HTTP) --> 74.125.225.89
Process chrome.exe (2256) connected on port 80 (HTTP) --> 23.0.47.144
Process chrome.exe (2256) connected on port 80 (HTTP) --> 74.125.225.64
Process chrome.exe (2256) connected on port 80 (HTTP) --> 23.60.127.139
Process chrome.exe (2256) connected on port 80 (HTTP) --> 66.235.142.14
Autoruns and critical files
Crysis Wars® Updates for All Users.ln C:\Windows\Installer\Crysis Wars® Updates for All Users.lnk
(unsigned) QuickTime C:\Program Files (x86)\QuickTime\QTTask.exe
(verified) Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
(verified) Adobe Reader and Acrobat Manager C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(verified) Adobe® Flash® Player Update Service C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(verified) AMD Dual-Core Optimizer C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
(verified) Anti-phishing Domain Advisor C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
(verified) Avira Free Antivirus C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(verified) Google Chrome C:\Users\TheUnknown\AppData\Local\Google\Chrome\Application\chrome.exe
(verified) Google Update C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(verified) Google Update C:\Users\TheUnknown\AppData\Local\Google\Update\GoogleUpdate.exe
(verified) Kaspersky Security Scan C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(verified) LWEMon.exe C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(verified) Microsoft® Windows® Operating System C:\Windows\system32\userinit.exe
(verified) Realtek HD Audio Manager C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(verified) Steam C:\Program Files (x86)\Steam\Steam.exe
Browser plugins
---------------
(unsigned) DTX broker C:\Users\TheUnknown\AppData\Roaming\Mozilla\Firefox\Profiles\pbbhepbw.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\dtUser.exe
(unsigned) Google Earth Plugin C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
(unsigned) Java Platform SE 6 U31 C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
(unsigned) NPGameWebStarter C:\Program Files (x86)\WEBZEN\WebzenGameStarter\NPGameWebStarter.dll
(unsigned) QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin.dll
(unsigned) QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin2.dll
(unsigned) QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin3.dll
(unsigned) QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin4.dll
(unsigned) QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin5.dll
(unsigned) QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin6.dll
(unsigned) QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin7.dll
(verified) AcroIEHelperShim Library c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
(verified) Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
(verified) Adobe Acrobat C:\Program Files (x86)\Internet Explorer\plugins\nppdf32.dll
(verified) Bitdefender QuickScan C:\Users\TheUnknown\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.115_0\npqscan.dll
(verified) Bonjour C:\Program Files (x86)\Bonjour\mdnsNSP.dll
(verified) Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
(verified) COMMONWEBSTARTER C:\Windows\Downloaded Program Files\CommonWebStarter.ocx
(verified) DTX Toolbar C:\Users\TheUnknown\AppData\Roaming\Mozilla\Firefox\Profiles\pbbhepbw.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\components\dtTransparency.dll
(verified) DTX Toolbar C:\Users\TheUnknown\AppData\Roaming\Mozilla\Firefox\Profiles\pbbhepbw.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\components\dtTransparency3.5.dll
(verified) DTX Toolbar C:\Users\TheUnknown\AppData\Roaming\Mozilla\Firefox\Profiles\pbbhepbw.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\components\dtTransparency3.6.dll
(verified) Google Update C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
(verified) Google Update C:\Users\TheUnknown\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
(verified) InstallShield Update Service C:\Windows\Downloaded Program Files\dwusplay.dll
(verified) InstallShield Update Service C:\Windows\Downloaded Program Files\dwusplay.exe
(verified) InstallShield Update Service C:\Windows\Downloaded Program Files\isusweb.dll
(verified) Java Platform SE 6 U31 c:\program files (x86)\java\jre6\bin\jp2ssv.dll
(verified) Java Platform SE 6 U31 c:\program files (x86)\java\jre6\bin\ssv.dll
(verified) Microsoft® CoReXT c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
(verified) Microsoft® CoReXT C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
(verified) Microsoft® CoReXT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
(verified) Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\NLAapi.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll
(verified) Nexon Game Controller C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
(verified) npitunes.dll C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
(verified) npsoe.dll C:\Users\TheUnknown\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfjadjghjpjodfhffafagnkbgbpiphf\1.0.3.170_0\npsoe.dll
(verified) NPSWF32_11_2_202_235.dll C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
(verified) NVIDIA 3D Vision C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
(verified) NVIDIA 3D VISION C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
(verified) OnLive Game Client Detector C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll
(verified) Panda Security Toolbar c:\program files (x86)\panda security\panda security toolbar\pandasecuritydx.dll
(verified) Panda Security Toolbar C:\Users\TheUnknown\AppData\Roaming\Mozilla\Firefox\Profiles\pbbhepbw.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\PandaSecurityTb_3.0.0.9b.exe
(verified) Silverlight Plug-In c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
(verified) Toolbar c:\program files (x86)\ask.com\genericasktoolbar.dll
(verified) Unity Player C:\Users\TheUnknown\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
(verified) WEBZEN Browser Extension C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll
(verified) Windows Activation Technologies C:\Windows\system32\Wat\npWatWeb.dll
(verified) Windows Live Messenger Companion c:\program files (x86)\windows live\companion\companioncore.dll
(verified) Windows Live Photo Gallery C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
(verified) Windows® Internet Explorer C:\Windows\SysWOW64\ieframe.dll
Missing files
-------------
File not found: "c:\program files (x86)\microsoft\bingbar\bingext.dll"
--> HKLM\Software\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\InprocServer32\"(default)"
--> HKLM\Software\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\InprocServer32\"(default)"
Scan
----
MD5: 77f70a9889040ccd04243790293f824b C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll
MD5: ee0477f95aaf614c5cb14f324ca48c3d C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll
MD5: 1f54e0273c7667203e005eed03e1f8ea C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll
MD5: 0e8cdb9101066345f538f588d2f52799 C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll
MD5: 77855e7d81cb7b44d0614d293514ce8d C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll
MD5: 1c7834ff0acda8c730d6652d775303a2 C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll
MD5: cc3ab106bad1510f66ed35faf8e4c7e9 C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll
MD5: 2043c9278af6e8c3ca228bbc33aa26a9 C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll
MD5: cf28139a8aecbf3bec26ca1a16fd69cf C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll
MD5: bcdb9c1161eda72817393178f43a7ae2 C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll
MD5: 011c74cf75ea6e0b5ab816e2d94f8257 C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll
MD5: 28751e5479f545513f26c4b42f4783b9 C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll
MD5: 979b4957f1b4a7ce2f636afe92794f92 C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll
MD5: bfae719594989d1f02b9e9cd86db293e C:\Program Files (x86)\FS\Spyro Portal\FlashPortal.exe
MD5: 2437be68d5a37a75fad51c5f0e9a03ed C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
MD5: d61f8e72032bdc43157f2b8aea32b529 C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin2.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin3.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin4.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin5.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin6.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin7.dll
MD5: 34e3709244736b8976820f730e5a8815 C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
MD5: 916a2c4eb028604783fd5ea169236c1d C:\Program Files (x86)\QuickTime\QTTask.exe
MD5: d7c3b49eee26e97fd1775deb30d52188 C:\Program Files (x86)\WEBZEN\WebzenGameStarter\NPGameWebStarter.dll
MD5: 988cfe16990c73bfbc5caa3f812b4114 C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\kavsys.kdl.988cfe16990c73bfbc5caa3f812b4114
MD5: d69f6a5a8609a81a3d8e1478dd238ac0 C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\kjim.kdl.d69f6a5a8609a81a3d8e1478dd238ac0
MD5: fc0c94f15886529989dc2dae77248bd9 C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\klavemu.kdl.fc0c94f15886529989dc2dae77248bd9
MD5: cdd13a8dc4f2e104e61559b6396c3444 C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\pbs.kdl.cdd13a8dc4f2e104e61559b6396c3444
MD5: 9030ee62f7e88f1f5d274ff9b8e5823c C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\qscan.kdl.9030ee62f7e88f1f5d274ff9b8e5823c
MD5: 13d28592c60d291411ab8589cf7acb20 C:\Users\TheUnknown\AppData\Roaming\Mozilla\Firefox\Profiles\pbbhepbw.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\dtUser.exe
No file uploaded.
Scan finished - communication took 1 sec
Total traffic - 0.00 MB sent, 0.16 KB recvd
Scanned 495 files and modules - 4 seconds
==============================================================================
Looks like it was the Panda Security toolbar. I think this is a false positive; I did not know this online scanner had a QuickScan log.
Hi
Please pack that file in an archive with the password "infected":
C:\Users\TheUnknown\AppData\Roaming\Mozilla\Firefox\Profiles\pbbhepbw.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\dtUser.exe
and upload it on
http://www.sendspace.com
or
http://www.mediafire.com
and send me a PM with the download link.
We will analyze the information you sent and then reply with a possible solution in the shortest time.
Have a nice day.
I thought it was a virus. I deleted it, so I cannot upload it.
Thank you for your feedback!
Let me know if you have other questions about QuickScan.
Firefox updated itself. I used the online scanner and got this: Trojan.Heur.FU.pyW@ay4Lmsc
I have Avira and Norton Internet Security; I tried Panda ActiveScan and F-Secure, and they all said clean.
I downloaded, burned and booted the Bitdefender Rescue .iso - it said no infection.
I downloaded and installed the Bitdefender 2009 free scan - it says clean.
Windows Update hangs mid-update.
Online scanner: Trojan.Heur.FU.pyW@ay4Lmsc - free download - start install, must remove Avira, Norton, MBAM, Ad-Aware, must restart, disable firewall, can't download the install pack - now I have no protection and the lights on the modem are blinking at Mach 5 speed. Power the modem off, hit reset, put the Norton Ghost boot CD in, go back 27 hours or 8 days? 8 days.
I run Windows Update, update Avira, Norton, MBAM, and Firefox -> 12; it said somewhere I had Firefox 15 earlier?? WTF. Google: Trojan.Heur.FU.pyW@ay - I find this post has been added to - I run the Bitdefender online scan: congratulations, your PC is not infected. So I can't upload any virus either. 4 days of PC-crapola, felt like 4 weeks.
I think the trojan came from a webpage through Firefox; it changed the Firefox version number to 15 to stop Firefox from updating.
Please look here
http://forum.bitdefender.com/index.php?sho...st&p=146203
and post here the scan log.
Thank you!
The time on the system clock kept jumping 2 hours backwards or forwards and the "you must activate Windows because your hardware has changed since" message kept popping up; the 8-day jump back didn't work, so I went back 35 days in Norton Ghost, and the Bitdefender online scanner says: good news, your PC is not infected. But I guess any trip back to the watch-free-TV-show stream pages and the trojan will pop back in.
35 days ago I had not performed the QuickScan, so the log file is not inside the Ghost image.
Run it again and let me know if everything is OK now.
Have a great weekend!