Internet Hangs on Boot Up (In Progress)

sjpritch25
Moderator & Malware Removal Specialist with 9,113 posts.
Join Date: Sep 2005
Location: Florida
Experience: Advanced
09-Nov-2009, 10:43 PM #16
please copy and paste the following in the Run Command

copy /y C:\WINNT\$NtServicePackUninstall$\atapi.sys C:\atapi.sys
Does your laptop have a Dell recovery partition?
sjpritch25
Moderator & Malware Removal Specialist with 9,113 posts.
Join Date: Sep 2005
Location: Florida
Experience: Advanced
09-Nov-2009, 10:52 PM #17
That doesn't matter
Test001
Member with 41 posts.
Join Date: Nov 2009
09-Nov-2009, 10:56 PM #18
you mean start/run/ and paste this?
C:\WINNT\$NtServicePackUninstall$\atapi.sys C:\atapi.sys

Sorry.. Not sure if I did this correctly... It wants me to open the .sys file with the program I choose...
Test001
Member with 41 posts.
Join Date: Nov 2009
09-Nov-2009, 10:58 PM #19
copy /y C:\WINNT\$NtServicePackUninstall$\atapi.sys C:\atapi.sys

This is not recognized by RUN COMMAND..
Test001
Member with 41 posts.
Join Date: Nov 2009
09-Nov-2009, 10:58 PM #20
I have system restore disabled.. NO RECOVERY PARTITION
sjpritch25
Moderator & Malware Removal Specialist with 9,113 posts.
Join Date: Sep 2005
Location: Florida
Experience: Advanced
09-Nov-2009, 10:59 PM #21
hmm

try this

copy C:\WINNT\$NtServicePackUninstall$\atapi.sys C:\atapi.sys
sjpritch25
Moderator & Malware Removal Specialist with 9,113 posts.
Join Date: Sep 2005
Location: Florida
Experience: Advanced
09-Nov-2009, 11:00 PM #22
system restore should never be disabled. That's a big no no!!!!
Test001
Member with 41 posts.
Join Date: Nov 2009
09-Nov-2009, 11:02 PM #23
Are you referring to the CMD prompt or Start RUN and then inputting copy C:\WINNT\$NtServicePackUninstall$\atapi.sys C:\atapi.sys

When I do this in the start/RUN it tells me that COPY is not recognized etc..
sjpritch25
Moderator & Malware Removal Specialist with 9,113 posts.
Join Date: Sep 2005
Location: Florida
Experience: Advanced
09-Nov-2009, 11:14 PM #24
okay well that's annoying me.

1. Please download The Avenger2 by Swandog46 to your Desktop.
  • Right click on the Avenger.zip folder and select "Extract All..."
  • Follow the prompts and extract the avenger folder to your desktop
2. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):

Code:
Files to move:
C:\WINNT\$NtServicePackUninstall$\atapi.sys | C:\WINNT\system32\drivers\atapi.sys

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.


3. Now, open the avenger folder and start The Avenger program by clicking on its icon.
  • Right click on the window under Input script here:, and select Paste.
  • You can also Paste the text copied to the clipboard into this window by pressing (Ctrl+V), or click on the third button under the menu to paste it from the clipboard.
  • Click on Execute
  • Answer "Yes" twice when prompted.
4. The Avenger will automatically do the following:
  • It will Restart your computer. ( In cases where the code to execute contains "Drivers to Delete" or "Drivers to Disable", The Avenger will actually restart your system twice.)
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
5. Please copy/paste the content of c:\avenger.txt into your reply
__________________
Microsoft Valuable Professional Consumer--Security 2007-2010
Please make a donation to keep the site running. All proceeds go directly to the site!!! Donate Here
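A boot-time file move like the one scripted above is only as good as the check that follows it: record what the replacement copy hashes to beforehand, then confirm after the reboot that the live driver carries that hash and the staging copy is gone. The Python below is an added example, not The Avenger's code or anything posted in this thread. It parses the `Files to move:` syntax shown above, stages two constructed stand-in files in a scratch directory, simulates the move, and verifies the result. The helper names (`parse_avenger_script`, `to_local`, `verify_moves`, `demo`), the scratch-directory simulation and the stand-in file contents are my constructions.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Constructed sample with the same shape as the Avenger script posted above.
AVENGER_SCRIPT = r"""
Files to move:
C:\WINNT\$NtServicePackUninstall$\atapi.sys | C:\WINNT\system32\drivers\atapi.sys
"""


def parse_avenger_script(text: str) -> list[tuple[str, str]]:
    """Return the (source, destination) pairs listed under 'Files to move:'."""
    pairs = []
    in_move_section = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith(":"):  # section header, e.g. 'Files to move:'
            in_move_section = line.lower() == "files to move:"
            continue
        if in_move_section and "|" in line:
            src, dst = (part.strip() for part in line.split("|", 1))
            pairs.append((src, dst))
    return pairs


def to_local(root: Path, win_path: str) -> Path:
    """Hypothetical helper: map a 'C:\\...' path into a scratch directory, dropping the drive letter."""
    return root.joinpath(*win_path.split("\\")[1:])


def sha256_of(path: Path) -> str:
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_moves(pairs, expected: dict[str, str], root: Path) -> dict[str, bool]:
    """A move is verified when the destination now hashes to what the source hashed
    to beforehand, and the source no longer exists (moved, not merely copied)."""
    outcome = {}
    for src, dst in pairs:
        src_path, dst_path = to_local(root, src), to_local(root, dst)
        outcome[dst] = (
            dst_path.is_file()
            and sha256_of(dst_path) == expected[src]
            and not src_path.exists()
        )
    return outcome


def demo() -> dict[str, bool]:
    """Stage constructed stand-in files, record hashes, simulate the reboot-time move, verify."""
    pairs = parse_avenger_script(AVENGER_SCRIPT)
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for src, dst in pairs:
            src_path, dst_path = to_local(root, src), to_local(root, dst)
            src_path.parent.mkdir(parents=True, exist_ok=True)
            dst_path.parent.mkdir(parents=True, exist_ok=True)
            src_path.write_bytes(b"service-pack backup copy (constructed bytes)")
            dst_path.write_bytes(b"suspect live copy (constructed bytes)")
        # Hash the replacement copies before anything moves.
        expected = {src: sha256_of(to_local(root, src)) for src, _ in pairs}
        # What the tool does after reboot: move each source over its destination.
        for src, dst in pairs:
            os.replace(to_local(root, src), to_local(root, dst))
        return verify_moves(pairs, expected, root)


if __name__ == "__main__":
    for dst, ok in demo().items():
        print(f"{dst}: {'verified' if ok else 'MISMATCH'}")
```

On a real machine the hashing step would run against the actual paths before the reboot and the verification afterwards; the scratch directory here only exists so the example runs offline.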
Test001
Member with 41 posts.
Join Date: Nov 2009
09-Nov-2009, 11:17 PM #25
Thanks.. I am doing this now..

Sorry that was annoying you.. Not sure what the deal was?
sjpritch25
Moderator & Malware Removal Specialist with 9,113 posts.
Join Date: Sep 2005
Location: Florida
Experience: Advanced
09-Nov-2009, 11:18 PM #26
afterwards, please run ComboFix and post the log. Thanks
Test001
Member with 41 posts.
Join Date: Nov 2009
09-Nov-2009, 11:37 PM #27
Here is the avenger log....

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File move operation "C:\WINNT\$NtServicePackUninstall$\atapi.sys|C:\WINNT\system32\drivers\atapi.sys" completed successfully.
Completed script processing.
*******************
Finished! Terminate.


Here is the Combo Fix Log...

ComboFix 09-11-08.03 - Matt 11/09/2009 19:26.2.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3067.2416 [GMT -8:00]
Running from: c:\documents and settings\Matt\Desktop\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2009-10-10 to 2009-11-10 )))))))))))))))))))))))))))))))
.
2009-11-04 17:05 . 2009-11-04 17:12 -------- d-----w- c:\documents and settings\Matt\SecurityScans
2009-11-04 17:05 . 2009-11-04 17:05 -------- d-----w- c:\program files\Microsoft Baseline Security Analyzer 2
2009-11-04 16:56 . 2009-11-04 16:57 -------- d-----w- c:\program files\MagicDisc
2009-11-04 16:56 . 2009-02-25 02:42 116736 ----a-w- c:\winnt\system32\drivers\mcdbus.sys
2009-11-02 19:03 . 2009-11-02 19:03 -------- d-----w- c:\program files\Common Files\Intel
2009-11-02 18:59 . 2009-11-02 18:59 -------- d-----w- c:\program files\SystemRequirementsLab
2009-10-31 17:47 . 2009-10-31 17:47 -------- d-----w- c:\program files\Trend Micro
2009-10-31 16:36 . 2009-10-31 16:36 152576 ----a-w- c:\documents and settings\Matt\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
2009-10-31 16:17 . 2009-10-31 16:17 -------- d-----w- c:\program files\Common Files\Sonic Shared
2009-10-31 16:17 . 2009-10-31 16:18 -------- d-----w- c:\program files\Roxio
2009-10-29 17:13 . 2009-10-29 17:13 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\InstallShield
2009-10-29 17:13 . 2009-10-29 17:13 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\Sonic
2009-10-29 17:12 . 2009-10-31 16:17 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\Roxio
2009-10-29 16:45 . 2009-10-29 16:45 -------- d-----w- c:\documents and settings\Matt\Application Data\Blackberry Desktop
2009-10-29 16:32 . 2009-10-29 17:21 256 ----a-w- c:\winnt\system32\pool.bin
2009-10-29 16:32 . 2009-10-29 16:32 -------- d-----w- c:\documents and settings\Matt\Application Data\Research In Motion
2009-10-29 15:55 . 2009-10-31 16:04 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\Research In Motion
2009-10-29 15:52 . 2009-01-09 23:18 27136 ----a-r- c:\winnt\system32\drivers\RimSerial.sys
2009-10-29 15:52 . 2009-10-31 16:19 -------- d-----w- c:\program files\Common Files\Roxio Shared
2009-10-29 15:51 . 2009-10-29 15:52 -------- d-----w- c:\program files\Common Files\Research In Motion
2009-10-29 15:51 . 2009-10-29 15:55 -------- d-----w- c:\program files\Research In Motion
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-09 19:09 . 2005-08-11 22:14 12260 ----a-w- c:\winnt\system32\Fxxplfnt.tmp
2009-11-09 15:17 . 2008-06-10 21:44 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\Google Updater
2009-11-08 06:14 . 2009-10-08 03:57 -------- d-----w- c:\documents and settings\Matt\Application Data\vlc
2009-11-04 17:28 . 2007-08-18 19:51 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\Microsoft Help
2009-11-02 19:03 . 2009-05-17 02:12 -------- d-----w- c:\program files\Intel
2009-10-31 17:15 . 2005-05-25 00:04 94936 ----a-w- c:\documents and settings\Matt\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-31 16:37 . 2009-05-02 15:15 -------- d-----w- c:\program files\Java
2009-10-31 00:43 . 2009-05-14 18:48 -------- d-----w- c:\documents and settings\Matt\Application Data\uTorrent
2009-10-29 17:13 . 2007-03-24 19:56 -------- d-----w- c:\documents and settings\Matt\Application Data\InstallShield
2009-10-27 02:57 . 2009-05-17 06:11 -------- d-----w- c:\documents and settings\Matt\Application Data\BSplayer Pro
2009-10-08 04:22 . 2009-08-24 20:45 -------- d-----w- c:\program files\IDT
2009-10-08 04:18 . 2009-10-08 04:09 660 ----a-w- c:\winnt\system32\drivers\sthdae.log
2009-10-08 04:14 . 2009-10-08 04:13 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\DriverScanner
2009-10-08 04:13 . 2009-10-08 04:12 -------- dc-h--w- c:\documents and settings\All Users.WINNT\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2009-10-08 04:13 . 2009-10-08 04:13 -------- d-----w- c:\program files\Uniblue
2009-10-08 04:13 . 2009-10-08 04:13 -------- d-----w- c:\documents and settings\Matt\Application Data\Uniblue
2009-10-01 17:11 . 2008-01-19 03:45 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\FLEXnet
2009-09-25 05:37 . 2001-08-23 21:00 667136 ------w- c:\winnt\system32\wininet.dll
2009-09-25 05:37 . 2005-05-24 22:51 81920 ------w- c:\winnt\system32\ieencode.dll
2009-09-18 04:54 . 2009-04-15 20:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-18 04:53 . 2008-09-09 05:08 4045528 ----a-w- c:\documents and settings\All Users.WINNT\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-09-13 00:07 . 2009-09-13 00:06 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-13 00:07 . 2009-09-13 00:06 -------- d-----w- c:\program files\iTunes
2009-09-13 00:06 . 2009-09-13 00:06 -------- d-----w- c:\program files\iPod
2009-09-13 00:06 . 2007-12-26 04:26 -------- d-----w- c:\program files\Common Files\Apple
2009-09-13 00:04 . 2009-09-13 00:04 -------- d-----w- c:\program files\QuickTime
2009-09-13 00:00 . 2009-09-13 00:00 79144 ----a-w- c:\documents and settings\All Users.WINNT\Application Data\Apple Computer\Installer Cache\iTunes 9.0.0.70\SetupAdmin.exe
2009-09-12 03:26 . 2009-08-26 18:35 -------- d-----w- c:\program files\PeerBlock
2009-09-11 14:18 . 2001-08-23 21:00 136192 ----a-w- c:\winnt\system32\msv1_0.dll
2009-09-10 21:54 . 2008-09-04 20:45 38224 ----a-w- c:\winnt\system32\drivers\mbamswissarmy.sys
2009-09-10 21:53 . 2008-09-04 20:45 19160 ----a-w- c:\winnt\system32\drivers\mbam.sys
2009-09-04 21:03 . 2001-08-23 21:00 58880 ----a-w- c:\winnt\system32\msasn1.dll
2009-08-28 05:12 . 2009-08-28 05:12 716272 ----a-w- c:\winnt\system32\drivers\sptd.sys
2009-08-26 08:00 . 2001-08-23 21:00 247326 ----a-w- c:\winnt\system32\strmdll.dll
2009-08-18 07:33 . 2009-08-18 07:33 1193832 ----a-w- c:\winnt\system32\FM20.DLL
2005-05-24 21:23 . 2005-05-24 21:23 21952 ---ha-w- c:\program files\folder.htt
2001-09-29 00:00 . 2008-05-22 18:43 164864 ----a-w- c:\program files\UNWISE.EXE
2006-04-11 02:48 . 2006-04-11 02:21 56 --sh--r- c:\winnt\system32\4994F12BB5.sys
2008-08-04 19:50 . 2006-04-11 02:21 1682 --sha-w- c:\winnt\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-11-10_00.44.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-10 03:20 . 2009-11-10 03:20 16384 c:\winnt\Temp\Perflib_Perfdata_9c8.dat
+ 2009-11-10 03:20 . 2009-11-10 03:20 16384 c:\winnt\Temp\Perflib_Perfdata_934.dat
+ 1999-12-07 12:00 . 2009-11-10 00:49 81610 c:\winnt\system32\perfc009.dat
- 1999-12-07 12:00 . 2009-11-10 00:35 81610 c:\winnt\system32\perfc009.dat
+ 2001-08-23 21:00 . 2004-08-04 05:59 95360 c:\winnt\system32\drivers\atapi.sys
+ 1999-12-07 12:00 . 2009-11-10 00:49 467822 c:\winnt\system32\perfh009.dat
- 1999-12-07 12:00 . 2009-11-10 00:35 467822 c:\winnt\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vptray"="c:\progra~1\SYMANT~1\SYMANT~1\vptray.exe" [2003-04-26 90112]
"XGIWatchDog"="c:\program files\XGI\XWatDog.exe" [2005-03-01 81920]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-10-25 167936]
"AESTFltr"="c:\winnt\system32\AESTFltr.exe" [2008-07-11 466944]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-07-21 442460]
"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2009-10-31 623960]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2009-05-21 1372160]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2009-05-21 1202448]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"Trirot"="Trirot.exe" - c:\winnt\system32\Trirot.exe [2005-03-01 65536]
"BCMSMMSG"="BCMSMMSG.exe" - c:\winnt\BCMSMMSG.exe [2003-08-29 122880]
"Synchronization Manager"="mobsync.exe" - c:\winnt\system32\mobsync.exe [2008-04-14 143360]
"RegServer"="regserve.exe" - c:\winnt\system32\RegServe.exe [2005-03-01 28672]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"^SetupICWDesktop"="c:\program files\Internet Explorer\Connection Wizard\icwconn1.exe" [2008-04-14 214528]
"tscuninstall"="c:\winnt\system32\tscupgrd.exe" [2004-08-04 44544]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\winnt\system32\acaptuser32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^Matt^Start Menu^Programs^Startup^MagicDisc.lnk]
path=c:\documents and settings\Matt\Start Menu\Programs\Startup\MagicDisc.lnk
backup=c:\winnt\pss\MagicDisc.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
R2 MSSQL$ACT7;MSSQL$ACT7;c:\program files\Microsoft SQL Server\MSSQL$ACT7\Binn\sqlservr.exe -sACT7 --> c:\program files\Microsoft SQL Server\MSSQL$ACT7\Binn\sqlservr.exe -sACT7 [?]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [3/25/2008 2:31 PM 24652]
R3 AESTAud;AE Audio Service;c:\winnt\system32\drivers\AESTAud.sys [5/16/2009 8:36 PM 108160]
R3 itecir;ITECIR Infrared Receiver;c:\winnt\system32\drivers\itecir.sys [5/16/2009 6:51 PM 54784]
R3 k57w2k;Broadcom NetLink (TM) Gigabit Ethernet;c:\winnt\system32\drivers\k57xp32.sys [5/16/2009 6:45 PM 174592]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\winnt\system32\drivers\OA001Ufd.sys [5/16/2009 7:27 PM 133472]
R3 OA001Vid;Creative Camera OA001 Function Driver;c:\winnt\system32\drivers\OA001Vid.sys [5/16/2009 7:27 PM 279488]
S3 AWINDIS5;AWINDIS5 Protocol Driver;c:\winnt\system32\AWINDIS5.SYS [8/8/2005 12:08 PM 16194]
S3 hcdriver;EHCI;c:\winnt\system32\drivers\hcdriver.sys [12/2/2005 11:46 AM 46080]
S3 NETGEAR_WG511_SERVICE;NETGEAR WG511T Wireless Adapter Service;c:\winnt\system32\DRIVERS\wg511nd5.sys --> c:\winnt\system32\DRIVERS\wg511nd5.sys [?]
S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [8/26/2009 10:35 AM 6144]
S3 ptiusbf;PTI USB Filter;c:\winnt\system32\DRIVERS\PTIUSBF.SYS --> c:\winnt\system32\DRIVERS\PTIUSBF.SYS [?]
S3 SQLAgent$ACT7;SQLAgent$ACT7;c:\program files\Microsoft SQL Server\MSSQL$ACT7\Binn\sqlagent.EXE -i ACT7 --> c:\program files\Microsoft SQL Server\MSSQL$ACT7\Binn\sqlagent.EXE -i ACT7 [?]
S3 Xgiv3;Xgiv3;c:\winnt\system32\drivers\Xgiv3m.sys [5/24/2005 2:32 PM 337408]
S4 RT80x86;Ralink 802.11n Wireless Driver;c:\winnt\system32\DRIVERS\RT2860.sys --> c:\winnt\system32\DRIVERS\RT2860.sys [?]
--- Other Services/Drivers In Memory ---
*Deregistered* - mbr
*Deregistered* - PROCEXP113
.
Contents of the 'Scheduled Tasks' folder
2009-10-17 c:\winnt\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-12 19:34]
2009-11-10 c:\winnt\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-10 02:50]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: rapmls.com
Trusted Zone: turbotax.com
DPF: DirectAnimation Java Classes - file://c:\winnt\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\winnt\Java\classes\xmldso.cab
DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} - hxxp://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-09 19:32
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys atapi.sys spoq.sys hal.dll >>UNKNOWN [0x8AFC3938]<<
kernel: MBR read successfully
user & kernel MBR OK
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
atapi.sys @ 0x0 0x0 bytes
\Driver\atapi [ IRP_MJ_CREATE ] 0xA572 != 0xB9DE1B40 atapi.sys
\Driver\atapi [ IRP_MJ_CLOSE ] 0xA572 != 0xB9DE1B40 atapi.sys
\Driver\atapi [ IRP_MJ_DEVICE_CONTROL ] 0xA592 != 0xB9DE1B40 atapi.sys
\Driver\atapi [ IRP_MJ_INTERNAL_DEVICE_CONTROL ] 0x67B4 != 0xB9DE1B40 atapi.sys
\Driver\atapi [ IRP_MJ_POWER ] 0xA5BC != 0xB9DE1B40 atapi.sys
\Driver\atapi [ IRP_MJ_SYSTEM_CONTROL ] 0x11164 != 0xB9DE1B40 atapi.sys
\Driver\atapi IRP hooks detected !
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1993962763-1844237615-725345543-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8C0B0701-6A33-7AD8-CDD1-91A3D55087AC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(672)
c:\winnt\system32\Ati2evxx.dll
- - - - - - - > 'lsass.exe'(728)
c:\winnt\system32\relog_ap.dll
.
Completion time: 2009-11-10 19:33
ComboFix-quarantined-files.txt 2009-11-10 03:33
ComboFix2.txt 2009-11-10 00:48
Pre-Run: 73,613,398,016 bytes free
Post-Run: 73,608,663,040 bytes free
- - End Of File - - 48DDE31253E7D6388DECB2F79535E9EB
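The two parts of the log above that carry the finding are the SnapShot diff (a fresh `atapi.sys` appearing under `system32\drivers`) and the Gmer section (`\Driver\atapi` dispatch entries reported as `!=` the expected value, then `IRP hooks detected !`). The Python below is an added example, not ComboFix's or Gmer's code and not from this thread: it parses those two line shapes from a constructed excerpt modelled on the log above and correlates them, so that a driver the scanner flags as hooked whose on-disk file also just reappeared is reported first. The regexes, the dataclass and function names, and the abridged sample text are my assumptions; the mismatch values are reported exactly as the scanner prints them, without interpreting what they measure.

```python
import json
import re
from dataclasses import dataclass

# Constructed excerpt shaped like the SnapShot and Gmer sections of the ComboFix
# log posted above (abridged; not the full log).
SAMPLE_LOG = r"""
((((((((((((((((((((((((((((( SnapShot@2009-11-10_00.44.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-10 03:20 . 2009-11-10 03:20 16384 c:\winnt\Temp\Perflib_Perfdata_9c8.dat
+ 1999-12-07 12:00 . 2009-11-10 00:49 81610 c:\winnt\system32\perfc009.dat
- 1999-12-07 12:00 . 2009-11-10 00:35 81610 c:\winnt\system32\perfc009.dat
+ 2001-08-23 21:00 . 2004-08-04 05:59 95360 c:\winnt\system32\drivers\atapi.sys
.
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys atapi.sys spoq.sys hal.dll >>UNKNOWN [0x8AFC3938]<<
kernel: MBR read successfully
user & kernel MBR OK
atapi.sys @ 0x0 0x0 bytes
\Driver\atapi [ IRP_MJ_CREATE ] 0xA572 != 0xB9DE1B40 atapi.sys
\Driver\atapi [ IRP_MJ_DEVICE_CONTROL ] 0xA592 != 0xB9DE1B40 atapi.sys
\Driver\atapi IRP hooks detected !
"""

# Line shapes copied from the log; the regexes are my assumptions about them.
IRP_HOOK_RE = re.compile(
    r"^\\Driver\\(?P<driver>\S+) \[ (?P<major>IRP_MJ_\w+) \] "
    r"(?P<actual>0x[0-9A-Fa-f]+) != (?P<expected>0x[0-9A-Fa-f]+) (?P<module>\S+)$"
)
UNKNOWN_MODULE_RE = re.compile(r">>UNKNOWN \[(0x[0-9A-Fa-f]+)\]<<")
SNAPSHOT_RE = re.compile(r"^(?P<sign>[+-]) \S+ \S+ \. \S+ \S+ (?P<size>\d+) (?P<path>.+)$")


@dataclass(frozen=True)
class IrpHook:
    driver: str           # driver object name, e.g. 'atapi'
    major_function: str   # IRP_MJ_* dispatch slot the scanner compared
    actual: int           # value the scanner found in the slot
    expected: int         # value the scanner expected there
    module: str           # image the scanner attributes the slot to


@dataclass(frozen=True)
class SnapshotChange:
    sign: str   # '+' present now but not in the earlier snapshot, '-' the reverse
    size: int
    path: str


def parse_irp_hooks(text: str) -> list[IrpHook]:
    hooks = []
    for line in text.splitlines():
        m = IRP_HOOK_RE.match(line.strip())
        if m:
            hooks.append(IrpHook(m["driver"], m["major"], int(m["actual"], 16),
                                 int(m["expected"], 16), m["module"]))
    return hooks


def parse_unknown_modules(text: str) -> list[int]:
    """Addresses the scanner could not attribute to any loaded module."""
    return [int(a, 16) for a in UNKNOWN_MODULE_RE.findall(text)]


def parse_snapshot_changes(text: str) -> list[SnapshotChange]:
    changes = []
    for line in text.splitlines():
        m = SNAPSHOT_RE.match(line.strip())
        if m:
            changes.append(SnapshotChange(m["sign"], int(m["size"]), m["path"]))
    return changes


def triage(text: str) -> dict:
    """Correlate hooked dispatch entries with files that newly appeared on disk."""
    hooks = parse_irp_hooks(text)
    flagged_modules = {h.module.lower() for h in hooks}
    replaced = [
        c.path for c in parse_snapshot_changes(text)
        if c.sign == "+" and c.path.rsplit("\\", 1)[-1].lower() in flagged_modules
    ]
    return {
        "hooked_drivers": sorted({h.driver for h in hooks}),
        "hooked_major_functions": sorted({h.major_function for h in hooks}),
        "unknown_modules": [f"0x{a:08X}" for a in parse_unknown_modules(text)],
        "replaced_modules": replaced,  # flagged image AND a fresh on-disk copy
    }


if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE_LOG), indent=2))
```

Run against the full log rather than the excerpt, the same functions give a short list of what to look at first; here the correlation singles out `atapi.sys`, which is exactly the file the thread has been replacing.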
sjpritch25
Moderator & Malware Removal Specialist with 9,113 posts.
Join Date: Sep 2005
Location: Florida
Experience: Advanced
09-Nov-2009, 11:47 PM #28
Reboot your computer

Please boot into your Recovery Console, it will be an option before booting into Windows. Press Enter to select Recovery Console.
If prompted what install to choose from type 1
For admin password, usually there isn't one. Just press Enter.

Type the following command
fixmbr and press Enter.

Reboot and run ComboFix again.
Test001
Member with 41 posts.
Join Date: Nov 2009
09-Nov-2009, 11:50 PM #29
Fix the master boot record? Okay... Doing it now...
Test001
Member with 41 posts.
Join Date: Nov 2009
10-Nov-2009, 12:06 AM #30
ComboFix 09-11-08.03 - Matt 11/09/2009 19:57.3.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3067.2431 [GMT -8:00]
Running from: c:\documents and settings\Matt\Desktop\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2009-10-10 to 2009-11-10 )))))))))))))))))))))))))))))))
.
2009-11-04 17:05 . 2009-11-04 17:12 -------- d-----w- c:\documents and settings\Matt\SecurityScans
2009-11-04 17:05 . 2009-11-04 17:05 -------- d-----w- c:\program files\Microsoft Baseline Security Analyzer 2
2009-11-04 16:56 . 2009-11-04 16:57 -------- d-----w- c:\program files\MagicDisc
2009-11-04 16:56 . 2009-02-25 02:42 116736 ----a-w- c:\winnt\system32\drivers\mcdbus.sys
2009-11-02 19:03 . 2009-11-02 19:03 -------- d-----w- c:\program files\Common Files\Intel
2009-11-02 18:59 . 2009-11-02 18:59 -------- d-----w- c:\program files\SystemRequirementsLab
2009-10-31 17:47 . 2009-10-31 17:47 -------- d-----w- c:\program files\Trend Micro
2009-10-31 16:36 . 2009-10-31 16:36 152576 ----a-w- c:\documents and settings\Matt\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
2009-10-31 16:17 . 2009-10-31 16:17 -------- d-----w- c:\program files\Common Files\Sonic Shared
2009-10-31 16:17 . 2009-10-31 16:18 -------- d-----w- c:\program files\Roxio
2009-10-29 17:13 . 2009-10-29 17:13 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\InstallShield
2009-10-29 17:13 . 2009-10-29 17:13 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\Sonic
2009-10-29 17:12 . 2009-10-31 16:17 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\Roxio
2009-10-29 16:45 . 2009-10-29 16:45 -------- d-----w- c:\documents and settings\Matt\Application Data\Blackberry Desktop
2009-10-29 16:32 . 2009-10-29 17:21 256 ----a-w- c:\winnt\system32\pool.bin
2009-10-29 16:32 . 2009-10-29 16:32 -------- d-----w- c:\documents and settings\Matt\Application Data\Research In Motion
2009-10-29 15:55 . 2009-10-31 16:04 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\Research In Motion
2009-10-29 15:52 . 2009-01-09 23:18 27136 ----a-r- c:\winnt\system32\drivers\RimSerial.sys
2009-10-29 15:52 . 2009-10-31 16:19 -------- d-----w- c:\program files\Common Files\Roxio Shared
2009-10-29 15:51 . 2009-10-29 15:52 -------- d-----w- c:\program files\Common Files\Research In Motion
2009-10-29 15:51 . 2009-10-29 15:55 -------- d-----w- c:\program files\Research In Motion
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-09 19:09 . 2005-08-11 22:14 12260 ----a-w- c:\winnt\system32\Fxxplfnt.tmp
2009-11-09 15:17 . 2008-06-10 21:44 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\Google Updater
2009-11-08 06:14 . 2009-10-08 03:57 -------- d-----w- c:\documents and settings\Matt\Application Data\vlc
2009-11-04 17:28 . 2007-08-18 19:51 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\Microsoft Help
2009-11-02 19:03 . 2009-05-17 02:12 -------- d-----w- c:\program files\Intel
2009-10-31 17:15 . 2005-05-25 00:04 94936 ----a-w- c:\documents and settings\Matt\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-31 16:37 . 2009-05-02 15:15 -------- d-----w- c:\program files\Java
2009-10-31 00:43 . 2009-05-14 18:48 -------- d-----w- c:\documents and settings\Matt\Application Data\uTorrent
2009-10-29 17:13 . 2007-03-24 19:56 -------- d-----w- c:\documents and settings\Matt\Application Data\InstallShield
2009-10-27 02:57 . 2009-05-17 06:11 -------- d-----w- c:\documents and settings\Matt\Application Data\BSplayer Pro
2009-10-08 04:22 . 2009-08-24 20:45 -------- d-----w- c:\program files\IDT
2009-10-08 04:18 . 2009-10-08 04:09 660 ----a-w- c:\winnt\system32\drivers\sthdae.log
2009-10-08 04:14 . 2009-10-08 04:13 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\DriverScanner
2009-10-08 04:13 . 2009-10-08 04:12 -------- dc-h--w- c:\documents and settings\All Users.WINNT\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2009-10-08 04:13 . 2009-10-08 04:13 -------- d-----w- c:\program files\Uniblue
2009-10-08 04:13 . 2009-10-08 04:13 -------- d-----w- c:\documents and settings\Matt\Application Data\Uniblue
2009-10-01 17:11 . 2008-01-19 03:45 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\FLEXnet
2009-09-25 05:37 . 2001-08-23 21:00 667136 ------w- c:\winnt\system32\wininet.dll
2009-09-25 05:37 . 2005-05-24 22:51 81920 ------w- c:\winnt\system32\ieencode.dll
2009-09-18 04:54 . 2009-04-15 20:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-18 04:53 . 2008-09-09 05:08 4045528 ----a-w- c:\documents and settings\All Users.WINNT\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-09-13 00:07 . 2009-09-13 00:06 -------- d-----w- c:\documents and settings\All Users.WINNT\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-13 00:07 . 2009-09-13 00:06 -------- d-----w- c:\program files\iTunes
2009-09-13 00:06 . 2009-09-13 00:06 -------- d-----w- c:\program files\iPod
2009-09-13 00:06 . 2007-12-26 04:26 -------- d-----w- c:\program files\Common Files\Apple
2009-09-13 00:04 . 2009-09-13 00:04 -------- d-----w- c:\program files\QuickTime
2009-09-13 00:00 . 2009-09-13 00:00 79144 ----a-w- c:\documents and settings\All Users.WINNT\Application Data\Apple Computer\Installer Cache\iTunes 9.0.0.70\SetupAdmin.exe
2009-09-12 03:26 . 2009-08-26 18:35 -------- d-----w- c:\program files\PeerBlock
2009-09-11 14:18 . 2001-08-23 21:00 136192 ----a-w- c:\winnt\system32\msv1_0.dll
2009-09-10 21:54 . 2008-09-04 20:45 38224 ----a-w- c:\winnt\system32\drivers\mbamswissarmy.sys
2009-09-10 21:53 . 2008-09-04 20:45 19160 ----a-w- c:\winnt\system32\drivers\mbam.sys
2009-09-04 21:03 . 2001-08-23 21:00 58880 ----a-w- c:\winnt\system32\msasn1.dll
2009-08-28 05:12 . 2009-08-28 05:12 716272 ----a-w- c:\winnt\system32\drivers\sptd.sys
2009-08-26 08:00 . 2001-08-23 21:00 247326 ----a-w- c:\winnt\system32\strmdll.dll
2009-08-18 07:33 . 2009-08-18 07:33 1193832 ----a-w- c:\winnt\system32\FM20.DLL
2005-05-24 21:23 . 2005-05-24 21:23 21952 ---ha-w- c:\program files\folder.htt
2001-09-29 00:00 . 2008-05-22 18:43 164864 ----a-w- c:\program files\UNWISE.EXE
2006-04-11 02:48 . 2006-04-11 02:21 56 --sh--r- c:\winnt\system32\4994F12BB5.sys
2008-08-04 19:50 . 2006-04-11 02:21 1682 --sha-w- c:\winnt\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-11-10_00.44.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-10 03:53 . 2009-11-10 03:53 16384 c:\winnt\Temp\Perflib_Perfdata_920.dat
+ 2009-11-10 03:53 . 2009-11-10 03:53 16384 c:\winnt\Temp\Perflib_Perfdata_8c4.dat
+ 1999-12-07 12:00 . 2009-11-10 00:49 81610 c:\winnt\system32\perfc009.dat
- 1999-12-07 12:00 . 2009-11-10 00:35 81610 c:\winnt\system32\perfc009.dat
+ 2001-08-23 21:00 . 2004-08-04 05:59 95360 c:\winnt\system32\drivers\atapi.sys
+ 1999-12-07 12:00 . 2009-11-10 00:49 467822 c:\winnt\system32\perfh009.dat
- 1999-12-07 12:00 . 2009-11-10 00:35 467822 c:\winnt\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vptray"="c:\progra~1\SYMANT~1\SYMANT~1\vptray.exe" [2003-04-26 90112]
"XGIWatchDog"="c:\program files\XGI\XWatDog.exe" [2005-03-01 81920]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-10-25 167936]
"AESTFltr"="c:\winnt\system32\AESTFltr.exe" [2008-07-11 466944]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-07-21 442460]
"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2009-10-31 623960]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2009-05-21 1372160]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2009-05-21 1202448]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"Trirot"="Trirot.exe" - c:\winnt\system32\Trirot.exe [2005-03-01 65536]
"BCMSMMSG"="BCMSMMSG.exe" - c:\winnt\BCMSMMSG.exe [2003-08-29 122880]
"Synchronization Manager"="mobsync.exe" - c:\winnt\system32\mobsync.exe [2008-04-14 143360]
"RegServer"="regserve.exe" - c:\winnt\system32\RegServe.exe [2005-03-01 28672]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"^SetupICWDesktop"="c:\program files\Internet Explorer\Connection Wizard\icwconn1.exe" [2008-04-14 214528]
"tscuninstall"="c:\winnt\system32\tscupgrd.exe" [2004-08-04 44544]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\winnt\system32\acaptuser32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^Matt^Start Menu^Programs^Startup^MagicDisc.lnk]
path=c:\documents and settings\Matt\Start Menu\Programs\Startup\MagicDisc.lnk
backup=c:\winnt\pss\MagicDisc.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
R2 MSSQL$ACT7;MSSQL$ACT7;c:\program files\Microsoft SQL Server\MSSQL$ACT7\Binn\sqlservr.exe -sACT7 --> c:\program files\Microsoft SQL Server\MSSQL$ACT7\Binn\sqlservr.exe -sACT7 [?]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [3/25/2008 2:31 PM 24652]
R3 AESTAud;AE Audio Service;c:\winnt\system32\drivers\AESTAud.sys [5/16/2009 8:36 PM 108160]
R3 itecir;ITECIR Infrared Receiver;c:\winnt\system32\drivers\itecir.sys [5/16/2009 6:51 PM 54784]
R3 k57w2k;Broadcom NetLink (TM) Gigabit Ethernet;c:\winnt\system32\drivers\k57xp32.sys [5/16/2009 6:45 PM 174592]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\winnt\system32\drivers\OA001Ufd.sys [5/16/2009 7:27 PM 133472]
R3 OA001Vid;Creative Camera OA001 Function Driver;c:\winnt\system32\drivers\OA001Vid.sys [5/16/2009 7:27 PM 279488]
S3 AWINDIS5;AWINDIS5 Protocol Driver;c:\winnt\system32\AWINDIS5.SYS [8/8/2005 12:08 PM 16194]
S3 hcdriver;EHCI;c:\winnt\system32\drivers\hcdriver.sys [12/2/2005 11:46 AM 46080]
S3 NETGEAR_WG511_SERVICE;NETGEAR WG511T Wireless Adapter Service;c:\winnt\system32\DRIVERS\wg511nd5.sys --> c:\winnt\system32\DRIVERS\wg511nd5.sys [?]
S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [8/26/2009 10:35 AM 6144]
S3 ptiusbf;PTI USB Filter;c:\winnt\system32\DRIVERS\PTIUSBF.SYS --> c:\winnt\system32\DRIVERS\PTIUSBF.SYS [?]
S3 SQLAgent$ACT7;SQLAgent$ACT7;c:\program files\Microsoft SQL Server\MSSQL$ACT7\Binn\sqlagent.EXE -i ACT7 --> c:\program files\Microsoft SQL Server\MSSQL$ACT7\Binn\sqlagent.EXE -i ACT7 [?]
S3 Xgiv3;Xgiv3;c:\winnt\system32\drivers\Xgiv3m.sys [5/24/2005 2:32 PM 337408]
S4 RT80x86;Ralink 802.11n Wireless Driver;c:\winnt\system32\DRIVERS\RT2860.sys --> c:\winnt\system32\DRIVERS\RT2860.sys [?]
--- Other Services/Drivers In Memory ---
*Deregistered* - mbr
*Deregistered* - PROCEXP113
.
Contents of the 'Scheduled Tasks' folder
2009-10-17 c:\winnt\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-12 19:34]
2009-11-10 c:\winnt\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-10 02:50]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: rapmls.com
Trusted Zone: turbotax.com
DPF: DirectAnimation Java Classes - file://c:\winnt\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\winnt\Java\classes\xmldso.cab
DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} - hxxp://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-09 20:03
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys >>UNKNOWN [0x8AF961F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\atapi -> 0x8af961f8
Warning: possible MBR rootkit infection !
user & kernel MBR OK
Use "Recovery Console" command "fixmbr" to clear infection !
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1993962763-1844237615-725345543-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8C0B0701-6A33-7AD8-CDD1-91A3D55087AC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(668)
c:\winnt\system32\Ati2evxx.dll
- - - - - - - > 'lsass.exe'(728)
c:\winnt\system32\relog_ap.dll
.
Completion time: 2009-11-10 20:05
ComboFix-quarantined-files.txt 2009-11-10 04:04
ComboFix2.txt 2009-11-10 03:33
ComboFix3.txt 2009-11-10 00:48
Pre-Run: 73,617,915,904 bytes free
Post-Run: 73,584,730,112 bytes free
- - End Of File - - E952BCEDDD023EA13592855388E32951
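The log above mixes several formats: ComboFix service/driver lines (`R2`/`S3` prefixes, with `[?]` where the file could not be read), the Gmer catchme section, and the Gmer MBR detector output that names a `\Driver\atapi` hook and an `UNKNOWN` kernel module at the same address. The script below is an added example, not code from ComboFix, Gmer or this thread: it parses those three formats, pulls out the items a malware-removal helper would look at first, and cross-checks whether a reported hook address coincides with an unlisted module address. The reading of `[?]` as "date/size could not be read", the `triage` and `Findings` names, and the sample excerpt (copied from the log above into a constructed string) are all assumptions of this example.

```python
"""Triage a ComboFix/Gmer log excerpt for the indicators shown in the thread.

Added example (not ComboFix's or Gmer's own code). It only understands the
line shapes visible in the log above; anything else is ignored.
"""
import re
from dataclasses import dataclass, field

# ComboFix service/driver line, e.g.
#   R3 k57w2k;Broadcom NetLink (TM) Gigabit Ethernet;c:\...\k57xp32.sys [5/16/2009 6:45 PM 174592]
#   S3 ptiusbf;PTI USB Filter;c:\...\PTIUSBF.SYS --> c:\...\PTIUSBF.SYS [?]
SERVICE_RE = re.compile(r"^(?P<start>[RS][0-4]) (?P<name>[^;]+);(?P<display>[^;]*);(?P<rest>.*)$")
BRACKET_RE = re.compile(r" \[(?P<info>[^\]]*)\]$")
# Gmer MBR detector lines
HOOK_RE = re.compile(r"^(?P<driver>\\Driver\\\S+) -> (?P<addr>0x[0-9a-fA-F]+)$")
UNKNOWN_RE = re.compile(r">>UNKNOWN \[(?P<addr>0x[0-9a-fA-F]+)\]<<")


@dataclass
class Findings:
    unverified_drivers: list = field(default_factory=list)  # (start type, name) with "[?]"
    mbr_hooks: list = field(default_factory=list)           # (driver object, address)
    unknown_modules: list = field(default_factory=list)     # addresses of unlisted modules
    appinit_dlls: list = field(default_factory=list)        # DLLs injected into user32 processes
    notes: list = field(default_factory=list)


def triage(log_text: str) -> Findings:
    f = Findings()
    in_hooks = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("detected MBR rootkit hooks:"):
            in_hooks = True
            continue
        if in_hooks:  # hook block continues until a line that is not "\Driver\x -> 0x..."
            hm = HOOK_RE.match(line)
            if hm:
                f.mbr_hooks.append((hm["driver"], hm["addr"].lower()))
                continue
            in_hooks = False
        sm = SERVICE_RE.match(line)
        if sm:
            info = BRACKET_RE.search(sm["rest"])
            # Assumption: "[?]" means ComboFix could not read the file's date/size
            if info and info["info"].strip() == "?":
                f.unverified_drivers.append((sm["start"], sm["name"]))
            continue
        um = UNKNOWN_RE.search(line)
        if um:
            f.unknown_modules.append(um["addr"].lower())
            continue
        if line.startswith('"AppInit_DLLs"='):
            # AppInit_DLLs entries load into every process that loads user32.dll
            value = line.split("=", 1)[1]
            f.appinit_dlls.extend(d for d in re.split(r"[ ,]+", value) if d)
            continue
        if line.startswith('"AntiVirusOverride"=dword:'):
            if int(line.split(":", 1)[1], 16) != 0:
                f.notes.append("AntiVirusOverride set: Security Center will not alert on antivirus status")
    # A hook whose target equals an UNKNOWN module address points into code
    # that no listed driver accounts for; that is the pattern the log shows.
    for driver, addr in f.mbr_hooks:
        if addr in f.unknown_modules:
            f.notes.append(f"{driver} hook at {addr} lands in an unlisted kernel module")
    return f


# Constructed excerpt, copied from the log above, so the example runs offline.
SAMPLE_LOG = r"""
"AppInit_DLLs"=c:\winnt\system32\acaptuser32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
R2 MSSQL$ACT7;MSSQL$ACT7;c:\program files\Microsoft SQL Server\MSSQL$ACT7\Binn\sqlservr.exe -sACT7 --> c:\program files\Microsoft SQL Server\MSSQL$ACT7\Binn\sqlservr.exe -sACT7 [?]
R3 k57w2k;Broadcom NetLink (TM) Gigabit Ethernet;c:\winnt\system32\drivers\k57xp32.sys [5/16/2009 6:45 PM 174592]
S3 ptiusbf;PTI USB Filter;c:\winnt\system32\DRIVERS\PTIUSBF.SYS --> c:\winnt\system32\DRIVERS\PTIUSBF.SYS [?]
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys >>UNKNOWN [0x8AF961F8]<<
detected MBR rootkit hooks:
\Driver\atapi -> 0x8af961f8
Warning: possible MBR rootkit infection !
"""

if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for label, items in vars(result).items():
        print(f"{label}:")
        for item in items:
            print(f"  {item}")
```

The `[?]` entries are not by themselves evidence of infection (both are stale registrations for software whose files are gone), which is why the script lists them separately from the hook cross-check instead of scoring them; the one finding that actually matters here is the `\Driver\atapi` hook resolving to the same address as the `UNKNOWN` module.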
Copyright © 1996 - 2011 TechGuy, Inc. All rights reserved.