Google redirect

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

kakuzu666

Thread Starter
Joined
Nov 6, 2011
Messages
3
Hi,

recently I have been sharing a computer with my sister and she told me that something poped up saying trojan found go to this. Seemed obvious that it was some type of a rogue but yet it disabled all of my Avs. I put SAS (SUPERantispyware) and MB (Malwarebytes) on a flash drive and they couldn't find anything. I did a system restore to about a week before I was infected. My Avs were working and all so I brought up the browser and it redirects me everytime I click on a link So some type of a rootkit? I ran the rootkit scan by Kaspersky and it was not able to find anything.

Running 64-bit Win7 so gmer doesn't work.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22
Run by Adam at 19:31:19 on 2011-11-05
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.5886.4951 [GMT -7:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\FBAgent.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://asus.msn.com
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - No File
BHO: Yontoo Layers (Drop Down Deals): {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime (Drop Down Deals)\YontooIEClient.dll
uRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1 184.16.33.54
TCP: Interfaces\{898ADEAD-261F-4909-98B4-BF445BDC8201} : DhcpNameServer = 192.168.1.1 184.16.33.54
TCP: Interfaces\{898ADEAD-261F-4909-98B4-BF445BDC8201}\356535E45647 : DhcpNameServer = 192.168.16.2 192.168.2.2
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - No File
BHO-X64: Yontoo Layers (Drop Down Deals): {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime (Drop Down Deals)\YontooIEClient.dll
BHO-X64: Yontoo Layer (Drop Down Deals)s - No File
mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\h8weh3ej.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys --> C:\Windows\system32\DRIVERS\lullaby.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2011-9-22 478040]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2011-4-15 1646056]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys --> C:\Windows\system32\DRIVERS\JME.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-2 209768]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-2 483688]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-8 533344]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
S3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-11-06 02:31:35 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EED4276C-0136-49B3-A598-65634277B40D}\offreg.dll
2011-11-05 03:34:44 -------- d-----we C:\Windows\system64
2011-10-28 08:21:29 -------- d-----w- C:\ProgramData\MAGIX
2011-10-28 08:21:29 -------- d-----w- C:\Program Files (x86)\MAGIX
2011-10-28 07:50:06 -------- d-----w- C:\Program Files (x86)\Yontoo Layers Runtime (Drop Down Deals)
2011-10-28 07:50:05 -------- d-----w- C:\ProgramData\Tarma Installer
2011-10-28 06:16:21 57344 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
2011-10-28 06:16:20 60273 ----a-w- C:\Windows\SysWow64\pthreadGC2.dll
2011-10-28 06:16:20 -------- d-----w- C:\Program Files (x86)\ffdshow
2011-10-28 06:16:10 -------- d-----w- C:\Program Files (x86)\Haali
2011-10-28 06:16:03 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5
2011-10-28 06:15:33 147456 ----a-w- C:\Windows\SysWow64\stQTSource.ax
2011-10-28 06:15:32 70656 ----a-w- C:\Windows\SysWow64\RLAPEDec.ax
2011-10-28 06:15:32 438272 ----a-w- C:\Windows\SysWow64\Mpeg2DecFilter.ax
2011-10-28 06:15:32 290816 ----a-w- C:\Windows\SysWow64\stFLVSource.ax
2011-10-28 06:15:32 217088 ----a-w- C:\Windows\SysWow64\CoreFLACDecoder.ax
2011-10-28 06:15:32 1184984 ----a-w- C:\Windows\SysWow64\wvc1dmod.dll
2011-10-28 06:15:32 -------- d-----w- C:\Program Files (x86)\Sothink Movie DVD Maker
2011-10-28 06:15:32 -------- d-----w- C:\Program Files (x86)\Common Files\SourceTec
2011-10-28 03:21:55 -------- d-----w- C:\Windows\SysWow64\URTTEMP
2011-10-28 00:14:47 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2011-10-27 23:05:43 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EED4276C-0136-49B3-A598-65634277B40D}\mpengine.dll
2011-10-27 22:37:23 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2011-10-27 22:24:01 -------- d-----w- C:\Users\Adam\AppData\Roaming\Malwarebytes
2011-10-27 22:23:55 -------- d-----w- C:\ProgramData\Malwarebytes
2011-10-27 21:48:53 -------- d-----w- C:\Users\Adam\AppData\Local\ElevatedDiagnostics
2011-10-27 18:00:14 -------- d-----w- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
2011-10-27 17:58:04 -------- d-----w- C:\Program Files (x86)\Lame For Audacity
2011-10-27 17:45:56 -------- d-----w- C:\Users\Adam\AppData\Roaming\NCH Software
2011-10-27 06:00:52 7450888 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c7ebde851cc946d12\bingbarsetup.exe
2011-10-27 06:00:24 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2011-10-27 06:00:24 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2011-10-27 06:00:24 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2011-10-27 06:00:24 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2011-10-27 06:00:09 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\af0e26101cc946d11\MeshBetaRemover.exe
2011-10-27 05:59:53 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a50c5b4d1cc946d10\DSETUP.dll
2011-10-27 05:59:53 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a50c5b4d1cc946d10\DXSETUP.exe
2011-10-27 05:59:53 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a50c5b4d1cc946d10\dsetup32.dll
2011-10-27 05:59:32 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\984488551cc946d0f\DSETUP.dll
2011-10-27 05:59:32 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\984488551cc946d0f\DXSETUP.exe
2011-10-27 05:59:32 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\984488551cc946d0f\dsetup32.dll
2011-10-27 05:59:20 3860992 ----a-w- C:\Windows\System32\UIRibbon.dll
2011-10-27 05:59:20 2983424 ----a-w- C:\Windows\SysWow64\UIRibbon.dll
2011-10-27 05:59:20 1164800 ----a-w- C:\Windows\SysWow64\UIRibbonRes.dll
2011-10-27 05:59:20 1164800 ----a-w- C:\Windows\System32\UIRibbonRes.dll
2011-10-27 03:08:53 -------- d-----w- C:\Program Files (x86)\NCH Software
2011-10-27 03:07:36 -------- d-----w- C:\Program Files (x86)\MP3 Audio Recorder
2011-10-26 19:56:00 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
2011-10-26 19:55:50 -------- d-----w- C:\Users\Adam\AppData\Roaming\TP
2011-10-25 03:54:03 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2011-10-25 03:53:13 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-10-25 03:51:55 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-10-25 03:51:44 539968 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-10-25 01:16:01 -------- d-----w- C:\Program Files (x86)\RosettaStoneLtdServices
2011-10-23 20:13:19 -------- d-----w- C:\Program Files (x86)\Aurora
2011-10-21 20:40:16 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-19 21:44:43 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-10-19 21:44:43 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-10-13 23:46:07 -------- d-----w- C:\Users\Adam\AppData\Roaming\SUPERAntiSpyware.com
2011-10-13 23:37:40 -------- d-----w- C:\Users\Adam\AppData\Local\GameMaker8.1
2011-10-13 23:37:38 -------- d-----w- C:\Users\Adam\AppData\Local\YoYo_Games_Ltd
2011-10-13 23:37:00 -------- d-----w- C:\Users\Adam\GameMaker 8.1
2011-10-13 23:37:00 -------- d-----w- C:\Users\Adam\AppData\Roaming\GameMaker
2011-10-13 21:11:49 -------- d-----w- C:\Users\Adam\AppData\Local\Diagnostics
2011-10-11 20:09:36 -------- d-----w- C:\Users\Adam\AppData\Roaming\OpenOffice.org
2011-10-11 20:04:21 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3
2011-10-11 20:03:49 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-10-11 19:45:12 3134976 ----a-w- C:\Windows\System32\win32k.sys
.
==================== Find3M ====================
.
2011-10-27 23:02:33 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2011-10-27 23:02:33 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2011-10-11 19:47:54 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-10-11 19:47:54 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2011-10-11 19:47:54 482816 ----a-w- C:\Windows\System32\html.iec
2011-10-11 19:47:54 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-10-11 19:47:54 386048 ----a-w- C:\Windows\SysWow64\html.iec
2011-10-11 19:47:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-11 19:47:54 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-11 19:47:54 1197568 ----a-w- C:\Windows\System32\wininet.dll
2011-10-06 18:15:02 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2011-10-06 18:15:02 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2011-10-06 18:15:02 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2011-10-06 18:15:02 444752 ----a-w- C:\Windows\System32\mscoree.dll
2011-10-06 18:15:02 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2011-10-06 18:15:02 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2011-10-06 18:15:02 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2011-10-06 18:15:02 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2011-10-06 18:15:02 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2011-10-06 18:15:02 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2011-09-22 17:00:18 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-09-22 17:00:18 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-09-22 16:59:02 5507968 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-09-22 16:59:02 3957120 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-09-22 16:59:02 3902336 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-09-22 16:58:15 1896832 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-09-22 16:55:17 86016 ----a-w- C:\Windows\SysWow64\odbccu32.dll
2011-09-22 16:55:17 81920 ----a-w- C:\Windows\SysWow64\odbccr32.dll
2011-09-22 16:55:17 319488 ----a-w- C:\Windows\SysWow64\odbcjt32.dll
2011-09-22 16:55:17 212992 ----a-w- C:\Windows\System32\odbctrac.dll
2011-09-22 16:55:17 163840 ----a-w- C:\Windows\SysWow64\odbctrac.dll
2011-09-22 16:55:17 163840 ----a-w- C:\Windows\System32\odbccp32.dll
2011-09-22 16:55:17 122880 ----a-w- C:\Windows\SysWow64\odbccp32.dll
2011-09-22 16:55:17 106496 ----a-w- C:\Windows\System32\odbccu32.dll
2011-09-22 16:55:17 106496 ----a-w- C:\Windows\System32\odbccr32.dll
2011-09-22 16:53:41 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-09-22 16:53:41 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-09-22 16:53:41 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-09-22 16:48:48 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-09-22 16:48:48 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-09-22 16:47:49 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-09-22 16:47:49 399872 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-09-22 16:47:49 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-09-22 16:47:15 102400 ----a-w- C:\Windows\System32\drivers\dfsc.sys
2011-09-22 16:46:47 499712 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-09-22 16:44:56 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-09-22 16:44:56 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-09-22 16:44:29 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-09-22 16:44:12 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-09-22 16:44:12 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2011-09-22 16:43:37 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-09-22 16:43:37 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-09-22 16:43:07 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2011-09-22 16:43:07 31232 ----a-w- C:\Windows\System32\prevhost.exe
2011-09-22 16:42:37 2870272 ----a-w- C:\Windows\explorer.exe
2011-09-22 16:42:37 2614784 ----a-w- C:\Windows\SysWow64\explorer.exe
2011-09-22 16:42:08 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-09-22 16:42:08 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-09-22 16:42:08 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-09-22 16:41:43 612352 ----a-w- C:\Windows\System32\vbscript.dll
2011-09-22 16:41:43 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-09-22 16:41:08 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-09-22 16:41:08 367104 ----a-w- C:\Windows\System32\atmfd.dll
2011-09-22 16:41:08 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-09-22 16:41:08 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-09-22 16:40:08 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2011-09-22 16:39:42 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-09-22 16:39:07 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-09-22 16:39:07 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-09-22 16:39:07 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-09-22 16:39:07 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-09-22 16:38:36 640896 ----a-w- C:\Windows\System32\winload.efi
2011-09-22 16:38:36 603976 ----a-w- C:\Windows\System32\winload.exe
2011-09-22 16:38:36 556928 ----a-w- C:\Windows\System32\winresume.efi
2011-09-22 16:38:36 518160 ----a-w- C:\Windows\System32\winresume.exe
2011-09-22 16:38:36 20352 ----a-w- C:\Windows\System32\kdusb.dll
2011-09-22 16:38:36 19328 ----a-w- C:\Windows\System32\kd1394.dll
2011-09-22 16:38:36 17792 ----a-w- C:\Windows\System32\kdcom.dll
2011-09-22 16:38:05 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-09-22 16:38:05 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-09-22 16:37:33 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-09-22 16:37:33 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-09-22 16:37:33 1540608 ----a-w- C:\Windows\System32\DWrite.dll
2011-09-22 16:37:33 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2011-09-22 16:37:33 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-09-22 16:37:05 3138048 ----a-w- C:\Windows\System32\mstscax.dll
2011-09-22 16:37:05 2690560 ----a-w- C:\Windows\SysWow64\mstscax.dll
2011-09-22 16:37:05 1097216 ----a-w- C:\Windows\System32\mstsc.exe
2011-09-22 16:37:05 1034240 ----a-w- C:\Windows\SysWow64\mstsc.exe
2011-09-22 16:36:30 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2011-09-22 16:36:30 850432 ----a-w- C:\Windows\SysWow64\sbe.dll
2011-09-22 16:36:30 723968 ----a-w- C:\Windows\System32\EncDec.dll
2011-09-22 16:36:30 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2011-09-22 16:36:30 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-09-22 16:36:30 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
2011-09-22 16:36:30 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2011-09-22 16:36:30 1118720 ----a-w- C:\Windows\System32\sbe.dll
2011-09-22 16:35:58 1739176 ----a-w- C:\Windows\System32\ntdll.dll
2011-09-22 16:35:58 1293120 ----a-w- C:\Windows\SysWow64\ntdll.dll
2011-09-22 16:33:42 97280 ----a-w- C:\Windows\System32\wscsvc.dll
.
============= FINISH: 19:38:40.68 ===============
 

Attachments

kakuzu666

Thread Starter
Joined
Nov 6, 2011
Messages
3
Sorry, here is a report of Hijackthis.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:03:02 PM, on 11/5/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16869)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - (no file)
O2 - BHO: Yontoo Layer (Drop Down Deals)s - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime (Drop Down Deals)\YontooIEClient.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user')
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - (no file)
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RosettaStoneDaemon - Rosetta Stone Ltd. - C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8464 bytes
 

kakuzu666

Thread Starter
Joined
Nov 6, 2011
Messages
3
Bump. Has been 32 hrs and I'm pretty sure I just need a scan from Combofix to fix this issue.
 

Blade81

Malware Specialist
Joined
Oct 27, 2006
Messages
924
Hi,

Sorry for delayed response. Forums have been really busy. If you still need help with this do following, please.


Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds file to run the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt
  • Save both reports to your desktop. Post them back to your topic.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top