1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Help! Netbook is VERY slow

Discussion in 'Virus & Other Malware Removal' started by ktmac, Dec 23, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. ktmac

    ktmac Thread Starter

    Joined:
    Dec 23, 2012
    Messages:
    23
    I have an ASUS Eee netbook with Windows 7 Starter that has been running slowly for awhile, but I think it has gotten progressively worse. Even just opening an email can take a while. In the last couple weeks, when I try to play a video, it takes a good 10-20 seconds before I get any sound. I couldn't get through the GMER scan. I got an error message saying that it couldn't continue because there was an issue. The results for the other scans are below, though. Thanks in advance!

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:18:35 PM, on 12/22/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal

    Running processes:
    C:\windows\system32\taskhost.exe
    C:\windows\system32\taskeng.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\Program Files\Protected Search\ProtectedSearch.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
    C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
    C:\Program Files\Citrix\ICA Client\concentr.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
    C:\Program Files\TiVo\Desktop\TiVoServer.exe
    C:\Program Files\TiVo\Desktop\TiVoTransfer.exe
    C:\Program Files\TiVo\Desktop\TiVoNotify.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Program Files\Fitbit\fitbit-tray.exe
    C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
    C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
    C:\Program Files\Citrix\ICA Client\wfcrun32.exe
    C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
    C:\windows\system32\igfxsrvc.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\windows\system32\taskhost.exe
    C:\windows\system32\taskeng.exe
    C:\Users\Katie\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=2938
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=2938
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: DownTango Launcher - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Katie\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
    O2 - BHO: WinZip Courier BHO - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\PROGRA~1\WINZIP~1\wzwmcie.dll
    O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
    O3 - Toolbar: DownTango Launcher - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Katie\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
    O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
    O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
    O4 - HKLM\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun
    O4 - HKLM\..\Run: [LiveUpdate] AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
    O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
    O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk"
    O4 - HKLM\..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE
    O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Monitor] "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
    O4 - HKCU\..\Run: [TivoServer] C:\Program Files\TiVo\Desktop\TiVoServer.exe /service /registry /auto:TivoServer
    O4 - HKCU\..\Run: [TivoTransfer] C:\Program Files\TiVo\Desktop\TiVoTransfer.exe
    O4 - HKCU\..\Run: [TivoNotify] C:\Program Files\TiVo\Desktop\TiVoNotify.exe /service /registry /auto:TivoNotify
    O4 - HKCU\..\Run: [TranscodingService] C:\Program Files\TiVo\Desktop\Plus\\TranscodingService.exe
    O4 - HKCU\..\Run: [cdloader] "C:\Users\Katie\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Katie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - HKCU\..\Run: [Fitbit Service Monitor] C:\Program Files\Fitbit\fitbit-tray.exe
    O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
    O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe
    O4 - Global Startup: Audible Download Manager.lnk = C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
    O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
    O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
    O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
    O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
    O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {5f7f7e76-0f61-4de9-8ae6-e5ee565cd118} - C:\Users\Katie\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
    O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Fitbit Data Uploader (Fitbit) - Fitbit, Inc. - C:\Program Files\Fitbit\fitbit.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
    O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    --
    End of file - 17828 bytes

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16457
    Run by Katie at 23:23:08 on 2012-12-22
    Microsoft Windows 7 Starter 6.1.7601.1.1252.1.1033.18.1015.88 [GMT -5:00]
    .
    AV: Trend Micro Titanium 2012 *Enabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
    SP: Trend Micro Titanium 2012 *Enabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ================
    .
    C:\windows\system32\wininit.exe
    C:\windows\system32\lsm.exe
    C:\windows\System32\spoolsv.exe
    C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
    C:\windows\system32\conhost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
    C:\windows\system32\conhost.exe
    C:\Windows\System32\AsusService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Fitbit\fitbit.exe
    C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
    C:\Program Files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
    C:\Program Files\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\windows\system32\taskhost.exe
    C:\windows\system32\taskeng.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\Program Files\Protected Search\ProtectedSearch.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
    C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
    C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
    C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
    C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
    C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
    C:\Program Files\Citrix\ICA Client\concentr.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
    C:\Program Files\TiVo\Desktop\TiVoServer.exe
    C:\Program Files\TiVo\Desktop\TiVoTransfer.exe
    C:\Program Files\TiVo\Desktop\TiVoNotify.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Fitbit\fitbit-tray.exe
    C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
    C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
    C:\Program Files\Citrix\ICA Client\wfcrun32.exe
    C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
    C:\windows\system32\igfxsrvc.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\windows\system32\DllHost.exe
    C:\Users\Katie\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\windows\system32\taskhost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\windows\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe
    C:\windows\system32\conhost.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\windows\system32\svchost.exe -k imgsvc
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalServicePeerNet
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
    uSearch Bar = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
    uSearch Page = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
    uDefault_Page_URL = hxxp://asus.msn.com
    uDefault_Search_URL = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
    mStart Page = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
    mSearch Bar = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
    mSearch Page = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
    mDefault_Search_URL = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - c:\program files\trend micro\amsp\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll
    BHO: Skype add-on (mastermind): {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: DownTango Launcher: {8d3ec233-b92d-4187-a506-284127cfba2d} - c:\users\katie\appdata\roaming\downtango4stoolbar\DownTango4SToolbar.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
    BHO: WinZip Courier BHO: {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - c:\program files\winzip courier\wzwmcie.dll
    BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - c:\program files\trend micro\amsp\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: <No Name>: - LocalServer32 - <no file>
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
    TB: DownTango Launcher: {8d3ec233-b92d-4187-a506-284127cfba2d} - c:\users\katie\appdata\roaming\downtango4stoolbar\DownTango4SToolbar.dll
    uRun: [TivoServer] c:\program files\tivo\desktop\TiVoServer.exe /service /registry /auto:TivoServer
    uRun: [TivoTransfer] c:\program files\tivo\desktop\TiVoTransfer.exe
    uRun: [TivoNotify] c:\program files\tivo\desktop\TiVoNotify.exe /service /registry /auto:TivoNotify
    uRun: [TranscodingService] c:\program files\tivo\desktop\plus\\TranscodingService.exe
    uRun: [cdloader] "c:\users\katie\appdata\roaming\mjusbsp\cdloader2.exe" MAGICJACK
    uRun: [Google Update] "c:\users\katie\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
    uRun: [Fitbit Service Monitor] c:\program files\fitbit\fitbit-tray.exe
    uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe
    uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exe
    uRun: [com.apple.dav.bookmarks.daemon] c:\program files\common files\apple\internet services\BookmarkDAV_client.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [HotkeyMon] AsusSender.exe c:\program files\eeepc\hotkeyservice\HotKeyMon.exe
    mRun: [HotkeyService] AsusSender.exe c:\program files\eeepc\hotkeyservice\HotkeyService.exe
    mRun: [SuperHybridEngine] AsusSender.exe c:\program files\eeepc\she\SuperHybridEngine.exe
    mRun: [Eee Docking] c:\program files\asus\eee docking\Eee Docking.exe autorun
    mRun: [LiveUpdate] AsusSender.exe c:\program files\asus\liveupdate\LiveUpdate.exe auto
    mRun: [SynAsusAcpi] c:\program files\synaptics\syntp\SynAsusAcpi.exe
    mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
    mRun: [Boingo Wi-Fi] "c:\program files\boingo\boingo wi-fi\Boingo.lnk"
    mRun: [ASUSPRP] c:\program files\asus\aprp\APRP.EXE
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [Trend Micro Titanium] "c:\program files\trend micro\titanium\uiframework\uiWinMgr.exe" -set Silent "1" SplashURL ""
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [Trend Micro Client Framework] "c:\program files\trend micro\uniclient\uifrmwrk\UIWatchDog.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [IJNetworkScannerSelectorEX] c:\program files\canon\ij network scanner selector ex\CNMNSST.exe /FORCE
    StartupFolder: c:\users\katie\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\asusvi~1.lnk - c:\program files\asus\asusvibe\AsusVibeLauncher.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\audibl~1.lnk - c:\program files\audible\bin\AudibleDownloadHelper.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: &ieSpell Options - c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
    IE: Check &Spelling - c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: Lookup on Merriam Webster - c:\program files\iespell\Merriam Webster.HTM
    IE: Lookup on Wikipedia - c:\program files\iespell\wikipedia.HTM
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\ssv.dll
    IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
    IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
    IE: {5f7f7e76-0f61-4de9-8ae6-e5ee565cd118} - {8d3ec233-b92d-4187-a506-284127cfba2d}
    IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{258CA9DF-74F6-4BCC-B9E8-406F5544861D} : DHCPNameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{3E40BC18-5BAB-4EFF-B923-1BC69EDAFCDB} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{3E40BC18-5BAB-4EFF-B923-1BC69EDAFCDB}\3756C6C6562737 : DHCPNameServer = 192.168.1.254 192.168.1.254
    TCP: Interfaces\{3E40BC18-5BAB-4EFF-B923-1BC69EDAFCDB}\7596E676164756022697027597E6468616D6 : DHCPNameServer = 4.2.2.1
    TCP: Interfaces\{3E40BC18-5BAB-4EFF-B923-1BC69EDAFCDB}\7657563747 : DHCPNameServer = 205.152.132.23 205.152.37.23
    TCP: Interfaces\{3E40BC18-5BAB-4EFF-B923-1BC69EDAFCDB}\C696E6B6379737 : DHCPNameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{3E40BC18-5BAB-4EFF-B923-1BC69EDAFCDB}\D436B496E6E6F6E6E456472323 : DHCPNameServer = 209.18.47.61 209.18.47.62
    Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - c:\program files\trend micro\amsp\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\program files\trend micro\amsp\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-7-25 11832]
    R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-10-5 65584]
    R1 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2012-1-13 76648]
    R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2009-11-16 51712]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-4-29 39272]
    S3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys [2012-7-19 21992]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-22 52224]
    .
    =============== Created Last 30 ================
    .
    2012-12-23 03:30:28 -------- d-----w- c:\users\katie\appdata\local\ElevatedDiagnostics
    2012-12-23 01:42:07 -------- d-----w- c:\users\katie\appdata\local\{CC7E15F9-9AE1-44FB-8762-C98B5A2DE786}
    2012-12-22 13:28:44 -------- d-----w- c:\users\katie\appdata\local\{8C512368-93BC-46F1-9B1A-1EAA277A2634}
    2012-12-22 01:28:29 -------- d-----w- c:\users\katie\appdata\local\{B87BBF1F-8E75-4954-AD92-7AD108F2D8AB}
    2012-12-21 13:31:52 295424 ----a-w- c:\windows\system32\atmfd.dll
    2012-12-21 13:31:50 34304 ----a-w- c:\windows\system32\atmlib.dll
    2012-12-21 13:27:44 -------- d-----w- c:\users\katie\appdata\local\{11176C4C-4B71-49A0-AC5D-909396767D80}
    2012-12-21 00:50:48 -------- d-----w- c:\users\katie\appdata\local\{C5655310-B255-42C2-B1DF-D73C7C2F6192}
    2012-12-20 12:50:35 -------- d-----w- c:\users\katie\appdata\local\{0506A585-F8C6-445C-AF72-F8D78B7EF94D}
    2012-12-20 00:50:16 -------- d-----w- c:\users\katie\appdata\local\{24736534-783D-40A9-ACDD-422E2C61C45C}
    2012-12-19 20:48:49 -------- d-----w- c:\users\katie\appdata\local\{96EFE8F5-FFB0-40E5-8EFE-E3A1470A256C}
    2012-12-19 04:33:15 -------- d-----w- c:\users\katie\appdata\local\{196D5152-B316-456E-A41F-5868F28A659D}
    2012-12-18 11:49:45 -------- d-----w- c:\users\katie\appdata\local\{2CB06E51-CAEB-4469-966E-23D5D209CC7D}
    2012-12-17 23:00:38 -------- d-----w- c:\users\katie\appdata\local\{59D2AD88-A55A-4160-891F-F403D8245714}
    2012-12-17 04:49:42 -------- d-----w- c:\users\katie\appdata\local\{CD95D3C4-6F76-4271-BEC3-E1EA0C011F42}
    2012-12-16 04:48:43 -------- d-----w- c:\users\katie\appdata\local\{D0E18CD3-952A-48BD-90BB-0DA4167C629D}
    2012-12-16 00:36:56 -------- d-----w- c:\users\katie\appdata\local\{0F50185E-FB3F-4125-84CB-3344CFB2AE14}
    2012-12-15 11:30:27 -------- d-----w- c:\users\katie\appdata\local\{EC2A2086-9729-4465-8825-83EDEA87031A}
    2012-12-14 23:01:49 -------- d-----w- c:\users\katie\appdata\local\{EB6EA293-AE19-4AE8-A031-01331A6928D5}
    2012-12-14 00:36:41 -------- d-----w- c:\users\katie\appdata\local\{DDA7FB13-F169-4D20-BDAA-EDF33F6FDF69}
    2012-12-13 12:35:32 -------- d-----w- c:\users\katie\appdata\local\{91BA1F53-E07D-4BFD-B436-250E8292C524}
    2012-12-13 00:11:59 -------- d-----w- c:\users\katie\appdata\local\{3219CA7D-A9E8-401A-9BFA-149A40ED466B}
    2012-12-12 12:38:50 376832 ----a-w- c:\windows\system32\dpnet.dll
    2012-12-12 12:38:43 2345984 ----a-w- c:\windows\system32\win32k.sys
    2012-12-12 12:38:09 293376 ----a-w- c:\windows\system32\KernelBase.dll
    2012-12-12 12:38:07 271360 ----a-w- c:\windows\system32\conhost.exe
    2012-12-12 12:38:07 169984 ----a-w- c:\windows\system32\winsrv.dll
    2012-12-12 12:34:13 2048 ----a-w- c:\windows\system32\tzres.dll
    2012-12-12 12:09:33 -------- d-----w- c:\users\katie\appdata\local\{F0BE0060-6453-44FB-AC72-8367C6287451}
    2012-12-11 23:02:40 -------- d-----w- c:\users\katie\appdata\local\{397C7594-FA5C-43AB-94B1-CD5F09CA39FC}
    2012-12-11 02:44:09 -------- d-----w- c:\users\katie\appdata\local\{09C1CE83-D82B-4BB3-A51E-132FC7E3EB02}
    2012-12-10 19:17:08 -------- d-----w- c:\users\katie\appdata\local\{95D941F3-A3D1-43B3-B625-47C3386B6F69}
    2012-12-10 02:37:02 -------- d-----w- c:\users\katie\appdata\local\{35CF5593-5813-4C1C-9E0C-F7CD37415F76}
    2012-12-09 14:19:04 -------- d-----w- c:\users\katie\appdata\local\{E0EA87E7-8B39-4648-B658-82BFD79E1665}
    2012-12-09 02:18:15 -------- d-----w- c:\users\katie\appdata\local\{96FA52EF-1575-402B-8898-B27B25572781}
    2012-12-08 13:35:15 -------- d-----w- c:\users\katie\appdata\local\{7E6CB14B-7ECF-4372-A681-388E25D01E7E}
    2012-12-08 01:34:13 -------- d-----w- c:\users\katie\appdata\local\{17034B6B-8AD7-41F9-BD0C-7264DA26564E}
    2012-12-07 13:18:25 -------- d-----w- c:\users\katie\appdata\local\{DA031985-9730-495C-8241-07BF38F7C398}
    2012-12-06 22:59:52 -------- d-----w- c:\users\katie\appdata\local\{A82D1584-CA05-4DEC-871C-6A8C4A544F12}
    2012-12-06 04:02:31 -------- d-----w- c:\users\katie\appdata\local\{CBADCEF0-A7E5-47D2-B79E-25DEA7B3C8FC}
    2012-12-05 19:46:40 -------- d-----w- c:\users\katie\appdata\local\{5907641F-2F40-4FA2-9184-33EDA3A28300}
    2012-12-05 02:56:12 -------- d-----w- c:\users\katie\appdata\local\{F6636D69-4730-4665-8F64-E42F28481DA1}
    2012-12-04 13:44:50 -------- d-----w- c:\users\katie\appdata\local\{9653B93B-BF62-462C-B471-EF318E5474F5}
    2012-12-03 22:18:37 -------- d-----w- c:\users\katie\appdata\local\{3EA5C19C-2EC0-480A-BC33-AFE452979948}
    2012-12-03 02:29:49 -------- d-----w- c:\users\katie\appdata\local\{0800EA05-BFFF-4681-AF51-42132B93EA83}
    2012-12-02 14:29:36 -------- d-----w- c:\users\katie\appdata\local\{AD2D2EF7-5D9B-4FB1-A08C-3E8F79491E11}
    2012-12-02 02:29:22 -------- d-----w- c:\users\katie\appdata\local\{F17E82F3-AB4E-46A7-8A3C-FDEC5F1711A2}
    2012-12-01 16:31:09 -------- d-----w- c:\programdata\Canon_Inc_IC
    2012-12-01 14:29:08 -------- d-----w- c:\users\katie\appdata\local\{A82156AC-E8F7-41E4-8575-60416BDF8669}
    2012-12-01 03:46:51 -------- d-----w- c:\users\katie\appdata\roaming\calibre
    2012-12-01 03:43:55 -------- d-----w- c:\program files\Calibre2
    2012-12-01 02:19:33 -------- d-----w- c:\users\katie\appdata\local\{7247507C-B6CC-4FC5-B847-991F1562A3F0}
    2012-11-30 13:29:06 -------- d-----w- c:\users\katie\appdata\local\{3F23FABE-9709-408B-B892-01DDB3115A80}
    2012-11-30 01:11:43 -------- d-----w- c:\users\katie\appdata\local\{2372A58E-F76F-48DD-86B3-2724A22CE32B}
    2012-11-29 12:54:04 -------- d-----w- c:\users\katie\appdata\local\{DA1B0C8B-C83F-44A0-B9DA-167112104062}
    2012-11-29 00:53:32 -------- d-----w- c:\users\katie\appdata\local\{9042B141-C3B8-4D2F-8B96-A6029A95CFF0}
    2012-11-28 12:53:10 -------- d-----w- c:\users\katie\appdata\local\{61F2A46E-0273-4195-B709-C0E94EAECBFF}
    2012-11-28 00:52:38 -------- d-----w- c:\users\katie\appdata\local\{3D9470D0-311F-4042-819B-0380FB1EED39}
    2012-11-27 12:48:29 -------- d-----w- c:\users\katie\appdata\local\{BBB8DABE-377F-4053-9BCE-D3DFCD84193C}
    2012-11-27 00:48:16 -------- d-----w- c:\users\katie\appdata\local\{40E6AEC3-248F-4CB2-A36D-D1E3209A6278}
    2012-11-26 12:48:03 -------- d-----w- c:\users\katie\appdata\local\{4EDC992B-574D-41FA-8FA7-5C452C315E5A}
    2012-11-26 00:47:47 -------- d-----w- c:\users\katie\appdata\local\{4E8CD9B4-8374-49F8-9E44-E55F70D01051}
    2012-11-25 12:47:30 -------- d-----w- c:\users\katie\appdata\local\{8C50C976-81D0-4F4B-B991-69CAFC3F86F3}
    2012-11-25 00:47:16 -------- d-----w- c:\users\katie\appdata\local\{065E0F37-489E-4760-8FC2-D75A10558C3D}
    2012-11-24 12:46:57 -------- d-----w- c:\users\katie\appdata\local\{2EE4DE38-1CA0-4592-9B67-1047EC89F6A4}
    2012-11-24 03:26:17 -------- d-----w- c:\programdata\Canon IJ Network Tool
    2012-11-24 03:25:59 323584 ----a-w- c:\windows\system32\CNC_AUL.dll
    2012-11-24 03:25:58 286720 ----a-w- c:\windows\system32\CNC_AUC.dll
    2012-11-24 03:25:58 114688 ----a-w- c:\windows\system32\CNC_AUU.dll
    2012-11-24 03:25:58 114688 ----a-w- c:\windows\system32\CNC_AUI.dll
    2012-11-24 03:25:57 15872 ----a-w- c:\windows\system32\CNHMCA.dll
    2012-11-24 03:23:44 84992 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPPAU.DLL
    2012-11-24 03:23:44 29184 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPDAU.DLL
    2012-11-24 03:21:57 311296 ----a-w- c:\windows\system32\CNMLMAU.DLL
    2012-11-24 03:21:44 184320 ----a-w- c:\windows\system32\CNMIUAU.DLL
    2012-11-24 03:21:03 366592 ----a-w- c:\windows\system32\CNMNPPM.DLL
    2012-11-24 03:21:03 35840 ----a-w- c:\windows\system32\CNMNPUI.DLL
    2012-11-24 03:21:03 -------- d-----w- c:\windows\system32\STRING
    2012-11-24 03:18:37 -------- d-----w- c:\program files\Canon
    2012-11-23 17:37:41 -------- d-----w- c:\users\katie\appdata\local\{54AA25FE-1A88-4073-9430-C21C90E96008}
    2012-11-23 04:51:03 -------- d-----w- c:\users\katie\appdata\local\{A5FDE613-6442-4D70-8127-2D180B79B4B2}
    .
    ==================== Find3M ====================
    .
    2012-12-12 03:46:45 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-12-12 03:46:44 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
    2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
    2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
    2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2012-10-16 07:39:52 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
    2012-10-09 17:40:31 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
    2012-10-09 17:40:31 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
    2012-10-04 14:41:50 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
    2012-10-04 14:41:50 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2012-10-04 14:41:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2012-10-04 14:41:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
    2012-10-03 16:58:30 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2012-10-03 16:42:26 52224 ----a-w- c:\windows\system32\nlaapi.dll
    2012-10-03 16:42:26 242176 ----a-w- c:\windows\system32\nlasvc.dll
    2012-10-03 16:42:24 18944 ----a-w- c:\windows\system32\netevent.dll
    2012-10-03 16:42:24 175104 ----a-w- c:\windows\system32\netcorehc.dll
    2012-10-03 16:42:23 156672 ----a-w- c:\windows\system32\ncsi.dll
    2012-10-03 16:40:35 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
    2012-10-03 15:21:38 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
    2012-09-25 22:47:43 78336 ----a-w- c:\windows\system32\synceng.dll
    2012-09-25 02:01:24 95224 ----a-w- c:\windows\system32\drivers\tmactmon.sys
    2012-09-25 02:00:48 76648 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
    2012-09-25 02:00:12 257952 ----a-w- c:\windows\system32\drivers\tmcomm.sys
    2012-09-24 19:32:24 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
    2012-09-24 19:32:20 473072 ----a-w- c:\windows\system32\deployJava1.dll
    .
    ============= FINISH: 23:28:44.43 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Starter
    Boot Device: \Device\HarddiskVolume1
    Install Date: 3/31/2010 9:58:25 PM
    System Uptime: 12/22/2012 12:19:14 AM (23 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | 1005HA
    Processor: Intel(R) Atom(TM) CPU N270 @ 1.60GHz | PBGA 437 | 800/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 139 GiB total, 64.209 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP223: 11/29/2012 5:31:13 AM - Windows Update
    RP224: 11/30/2012 10:36:58 PM - Installed calibre
    RP225: 12/8/2012 10:53:39 AM - Scheduled Checkpoint
    RP226: 12/13/2012 7:50:33 AM - Windows Update
    RP227: 12/21/2012 8:28:02 AM - Windows Update
    RP228: 12/22/2012 9:56:12 PM - Removed PlayOn
    RP229: 12/22/2012 10:03:05 PM - Removed Safari
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    32 Bit HP CIO Components Installer
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.4)
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ASUSUpdate for Eee PC
    AsusVibe2.0
    Atheros Client Installation Program
    Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
    Audible Download Manager
    Bing Bar
    Boingo Wi-Fi
    Bonjour
    calibre
    Canon IJ Network Scanner Selector EX
    Canon IJ Network Tool
    Canon MG6200 series MP Drivers
    Chicken Invaders 2
    Citrix online plug-in - web
    Citrix online plug-in (DV)
    Citrix online plug-in (HDX)
    Citrix online plug-in (USB)
    Citrix online plug-in (Web)
    Compatibility Pack for the 2007 Office system
    D3DX10
    DownTango Launcher 1.6
    E-Cam
    ebi.BookReader3J
    Eee Docking 3.6.0
    Fitbit Base Station (Driver Removal)
    Fitbit v2.1.0.8
    FontResizer
    Game Park Console
    Google Chrome
    Hotkey Service
    iCloud
    ieSpell
    Intel(R) Graphics Media Accelerator Driver
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 37
    Junk Mail filter update
    LeapFrog Connect
    LeapFrog My Pals Plugin
    LiveUpdate
    magicJack
    Mesh Runtime
    Messenger Companion
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Access MUI (Dutch) 2007
    Microsoft Office Access MUI (French) 2007
    Microsoft Office Access MUI (German) 2007
    Microsoft Office Access MUI (Italian) 2007
    Microsoft Office Excel 2007 Help - Aggiornamento (KB963678)
    Microsoft Office Excel MUI (Dutch) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Excel MUI (French) 2007
    Microsoft Office Excel MUI (German) 2007
    Microsoft Office Excel MUI (Italian) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Groove MUI (Dutch) 2007
    Microsoft Office Groove MUI (French) 2007
    Microsoft Office Groove MUI (German) 2007
    Microsoft Office Groove MUI (Italian) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office InfoPath MUI (Dutch) 2007
    Microsoft Office InfoPath MUI (French) 2007
    Microsoft Office InfoPath MUI (German) 2007
    Microsoft Office InfoPath MUI (Italian) 2007
    Microsoft Office Language Pack 2007 - Dutch/Nederlands
    Microsoft Office Language Pack 2007 - French/Français
    Microsoft Office Language Pack 2007 - German/Deutsch
    Microsoft Office Language Pack 2007 - Italian/Italiano
    Microsoft Office Live Add-in 1.5
    Microsoft Office O MUI (Dutch) 2007
    Microsoft Office O MUI (French) 2007
    Microsoft Office O MUI (German) 2007
    Microsoft Office O MUI (Italian) 2007
    Microsoft Office OneNote MUI (Dutch) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office OneNote MUI (French) 2007
    Microsoft Office OneNote MUI (German) 2007
    Microsoft Office OneNote MUI (Italian) 2007
    Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677)
    Microsoft Office Outlook MUI (Dutch) 2007
    Microsoft Office Outlook MUI (French) 2007
    Microsoft Office Outlook MUI (German) 2007
    Microsoft Office Outlook MUI (Italian) 2007
    Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669)
    Microsoft Office PowerPoint MUI (Dutch) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint MUI (French) 2007
    Microsoft Office PowerPoint MUI (German) 2007
    Microsoft Office PowerPoint MUI (Italian) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (Arabic) 2007
    Microsoft Office Proof (Dutch) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (German) 2007
    Microsoft Office Proof (Italian) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (Dutch) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing (French) 2007
    Microsoft Office Proofing (German) 2007
    Microsoft Office Proofing (Italian) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (Dutch) 2007
    Microsoft Office Publisher MUI (French) 2007
    Microsoft Office Publisher MUI (German) 2007
    Microsoft Office Publisher MUI (Italian) 2007
    Microsoft Office Shared MUI (Dutch) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared MUI (French) 2007
    Microsoft Office Shared MUI (German) 2007
    Microsoft Office Shared MUI (Italian) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
    Microsoft Office SharePoint Designer MUI (Dutch) 2007
    Microsoft Office SharePoint Designer MUI (French) 2007
    Microsoft Office SharePoint Designer MUI (German) 2007
    Microsoft Office SharePoint Designer MUI (Italian) 2007
    Microsoft Office Suite Activation Assistant
    Microsoft Office Word 2007 Help - Aggiornamento (KB963665)
    Microsoft Office Word MUI (Dutch) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Office Word MUI (French) 2007
    Microsoft Office Word MUI (German) 2007
    Microsoft Office Word MUI (Italian) 2007
    Microsoft Office X MUI (Dutch) 2007
    Microsoft Office X MUI (French) 2007
    Microsoft Office X MUI (German) 2007
    Microsoft Office X MUI (Italian) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Works
    Mise à jour Microsoft Office Excel 2007 Help (KB963678)
    Mise à jour Microsoft Office Outlook 2007 Help (KB963677)
    Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)
    Mise à jour Microsoft Office Word 2007 Help (KB963665)
    MSVCRT
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP3 Parser (KB2721691)
    MSXML 4.0 SP3 Parser (KB973685)
    OGA Notifier 2.0.0048.0
    OverDrive Media Console
    Protected Search 1.1
    QuickTime
    Ralink RT2860 Wireless LAN Card
    Realtek High Definition Audio Driver
    Safari
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
    Skype web features
    Skype™ 5.10
    Super Hybrid Engine
    Synaptics Pointing Device Driver
    TiVo Desktop 2.8.1
    TomTom HOME 2.8.2.2264
    TomTom HOME Visual Studio Merge Modules
    Trend Micro Titanium
    Trend Micro Titanium 2012
    Update für Microsoft Office Excel 2007 Help (KB963678)
    Update für Microsoft Office Outlook 2007 Help (KB963677)
    Update für Microsoft Office Powerpoint 2007 Help (KB963669)
    Update für Microsoft Office Word 2007 Help (KB963665)
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update voor Microsoft Office Excel 2007 Help (KB963678)
    Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
    Update voor Microsoft Office Word 2007 Help (KB963665)
    Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)
    Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WinZip Courier
    YNAB 3
    .
    ==== Event Viewer Messages From Past Week ========
    .
    12/22/2012 9:36:31 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wscsvc service.
    12/22/2012 7:43:44 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
    12/22/2012 5:43:54 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
    12/22/2012 1:12:24 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    12/22/2012 1:12:24 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EFS service.
    12/21/2012 9:30:28 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.115. The computer with the IP address 192.168.1.1 did not allow the name to be claimed by this computer.
    12/21/2012 7:51:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.
    12/21/2012 3:07:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
    .
    ==== End Of File ===========================
     
  2. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Hi, my name is Mark and I will be helping you.

    IMPORTANT: Please take the time to read this first.
    For the benefit of others that are waiting for help please try to respond as fast as you can and make sure you read all of the instructions I will be giving you to follow. Time spent waiting for replies or having to repeat questions keeps other people waiting in the queue for help.

    I am in Spain at GMT+1 hour, I check my emails several times a day so will usually reply to your responses within a few hours or less unless it is night time here. During the evening here I will usually reply within minutes. Please try to do the same for a swift clean up. Some Malware needs to be dealt with quickly or it will multiply and become deeply embedded in your system and more difficult to find and remove, so quick replies will have more than one benefit.

    Keep in mind that I cannot see your PC, so please give as much detail as possible if something goes wrong or you receive any error messages.

    Malware can be unpredictable and often time consuming to remove, on rare occasions something can go awry and your system may need to have Windows re-installed. Please make sure before we start that you have copies of all your important data saved to an external hard drive or CD/DVD's. Please make sure you disconnect any external hard drives and/or Flash drives during the clean up.

    If you have run any scans that found an infection please let me know.

    DO NOT run any scans or make any changes that I have not asked you to do as this can cause misleading results and make my job much harder in trying to help you. Please also uninstall any file sharing software i.e. uTorrent, BitTorrent, etc, if you insist on keeping it do not use it until we are finished. Use of file sharing software is one of the easiest ways to get your PC infected.

    If I get no reply from you for two days I will mark the thread as Solved and move on to helping someone else. If you know you will be unable to reply for any length of time please let me know in advance.

    Please don't abandon the thread as soon as your PC starts to work normally again as there will be other important checks to make to help protect your system from re-infection. It is also important to follow the correct procedure when removing the tools used to ensure all quarantined infections are completely removed and infected Restore Points are safely deleted.

    Stick with me and we can quickly clean up your PC, if you cannot dedicate the time then a Reformat and Re-install will be your quickest option.

    _____________________________________________________________________________________

    Please run these two scans and post the logs:

    SCAN 1
    Click on this link to download : ADWCleaner and save it to your desktop.

    NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

    Close your browser and click on this icon on your desktop: [​IMG]

    You will then see the screen below, click on the Delete button (as indicated), accept any prompts that appear and allow it to reboot the PC. When the PC has rebooted you will be presented with the report, copy & paste it into your next post.

    [​IMG]



    SCAN 2
    Download RogueKiller (by tigzy) and save direct to your Desktop.
    On the web page click on this: [​IMG]

    • Quit all running programs
    • Start RogueKiller.exe
    • Wait until Prescan has finished.
    • Ensure all boxes are ticked under "Report" tab.
    • Click on Scan.
    • Click on Report when complete. Copy/paste the contents of the report and paste into your next reply.
    • NOTE: DO NOT attempt to remove anything that the scan detects.

    [​IMG]
     
  3. ktmac

    ktmac Thread Starter

    Joined:
    Dec 23, 2012
    Messages:
    23
    Thanks in advance for your help! I am currently at GMT-8, just for reference.

    # AdwCleaner v2.102 - Logfile created 12/25/2012 at 02:03:10
    # Updated 23/12/2012 by Xplode
    # Operating system : Windows 7 Starter Service Pack 1 (32 bits)
    # User : Katie - KATIE-PC
    # Boot Mode : Normal
    # Running from : C:\Users\Katie\Desktop\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Deleted : C:\Users\Katie\AppData\Local\Temp\Uninstall.exe

    ***** [Registry] *****

    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16457

    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= --> hxxp://www.google.com
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938 --> hxxp://www.google.com
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938 --> hxxp://www.google.com
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= --> hxxp://www.google.com
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= --> hxxp://www.google.com
    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://newtab.certified-toolbar.com/nie?si=41460&tid=2938&new=true --> hxxp://www.google.com
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938 --> hxxp://www.google.com
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938 --> hxxp://www.google.com
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= --> hxxp://www.google.com
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= --> hxxp://www.google.com
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= --> hxxp://www.google.com
    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938 --> hxxp://www.google.com
    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938 --> hxxp://www.google.com
    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= --> hxxp://www.google.com
    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= --> hxxp://www.google.com
    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= --> hxxp://www.google.com
    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= --> hxxp://www.google.com
    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938 --> hxxp://www.google.com
    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= --> hxxp://www.google.com
    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938 --> hxxp://www.google.com
    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= --> hxxp://www.google.com

    -\\ Google Chrome v23.0.1271.97

    File : C:\Users\Katie\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Deleted [l.16] : homepage = "hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938",
    Deleted [l.1651] : homepage = "hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938",

    *************************

    AdwCleaner[S1].txt - [4685 octets] - [25/12/2012 02:03:10]

    ########## EOF - C:\AdwCleaner[S1].txt - [4745 octets] ##########


    RogueKiller V8.4.1 [Dec 24 2012] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website : http://tigzy.geekstogo.com/roguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
    Started in : Normal mode
    User : Katie [Admin rights]
    Mode : Scan -- Date : 12/25/2012 02:21:25

    ¤¤¤ Bad processes : 3 ¤¤¤
    [SUSP PATH] TiVoServer.exe -- C:\Program Files\TiVo\Desktop\TiVoServer.exe -> KILLED [TermProc]
    [SUSP PATH] TiVoTransfer.exe -- C:\Program Files\TiVo\Desktop\TiVoTransfer.exe -> KILLED [TermProc]
    [SUSP PATH] TiVoNotify.exe -- C:\Program Files\TiVo\Desktop\TiVoNotify.exe -> KILLED [TermProc]

    ¤¤¤ Registry Entries : 10 ¤¤¤
    [RUN][SUSP PATH] HKCU\[...]\Run : TivoServer (C:\Program Files\TiVo\Desktop\TiVoServer.exe /service /registry /auto:TivoServer) -> FOUND
    [RUN][SUSP PATH] HKCU\[...]\Run : TivoTransfer (C:\Program Files\TiVo\Desktop\TiVoTransfer.exe) -> FOUND
    [RUN][SUSP PATH] HKCU\[...]\Run : TivoNotify (C:\Program Files\TiVo\Desktop\TiVoNotify.exe /service /registry /auto:TivoNotify) -> FOUND
    [RUN][SUSP PATH] HKCU\[...]\Run : TranscodingService (C:\Program Files\TiVo\Desktop\Plus\\TranscodingService.exe) -> FOUND
    [RUN][SUSP PATH] HKUS\S-1-5-21-3964756235-1547538428-318114823-1000[...]\Run : TivoServer (C:\Program Files\TiVo\Desktop\TiVoServer.exe /service /registry /auto:TivoServer) -> FOUND
    [RUN][SUSP PATH] HKUS\S-1-5-21-3964756235-1547538428-318114823-1000[...]\Run : TivoTransfer (C:\Program Files\TiVo\Desktop\TiVoTransfer.exe) -> FOUND
    [RUN][SUSP PATH] HKUS\S-1-5-21-3964756235-1547538428-318114823-1000[...]\Run : TivoNotify (C:\Program Files\TiVo\Desktop\TiVoNotify.exe /service /registry /auto:TivoNotify) -> FOUND
    [RUN][SUSP PATH] HKUS\S-1-5-21-3964756235-1547538428-318114823-1000[...]\Run : TranscodingService (C:\Program Files\TiVo\Desktop\Plus\\TranscodingService.exe) -> FOUND
    [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [LOADED] ¤¤¤
    SSDT[70] : NtCreateKey @ 0x81E46F46 -> HOOKED (Unknown @ 0x84E99A64)
    SSDT[74] : NtCreateMutant @ 0x81E562B2 -> HOOKED (Unknown @ 0x84F0711C)
    SSDT[79] : NtCreateProcess @ 0x81F220C3 -> HOOKED (Unknown @ 0x84E883C4)
    SSDT[80] : NtCreateProcessEx @ 0x81F2210E -> HOOKED (Unknown @ 0x84E2E31C)
    SSDT[86] : NtCreateSymbolicLinkObject @ 0x81E47911 -> HOOKED (Unknown @ 0x84F396C4)
    SSDT[87] : NtCreateThread @ 0x81F21ECA -> HOOKED (Unknown @ 0x84C957E4)
    SSDT[88] : NtCreateThreadEx @ 0x81EB636B -> HOOKED (Unknown @ 0x84F3436C)
    SSDT[93] : NtCreateUserProcess @ 0x81EB429D -> HOOKED (Unknown @ 0x84E23D24)
    SSDT[103] : NtDeleteKey @ 0x81E31A27 -> HOOKED (Unknown @ 0x84C3F22C)
    SSDT[106] : NtDeleteValueKey @ 0x81E2343E -> HOOKED (Unknown @ 0x84C9353C)
    SSDT[111] : NtDuplicateObject @ 0x81E7767A -> HOOKED (Unknown @ 0x84F3968C)
    SSDT[155] : NtLoadDriver @ 0x81E0BC20 -> HOOKED (Unknown @ 0x84F07154)
    SSDT[190] : NtOpenProcess @ 0x81E57AF8 -> HOOKED (Unknown @ 0x84E8F09C)
    SSDT[194] : NtOpenSection @ 0x81EAF8BB -> HOOKED (Unknown @ 0x84E44A6C)
    SSDT[198] : NtOpenThread @ 0x81EA3FC3 -> HOOKED (Unknown @ 0x84C45554)
    SSDT[290] : NtRenameKey @ 0x81EE1FAB -> HOOKED (Unknown @ 0x84F347F4)
    SSDT[302] : NtRestoreKey @ 0x81ED7B5C -> HOOKED (Unknown @ 0x84C84C54)
    SSDT[350] : NtSetSystemInformation @ 0x81E9429A -> HOOKED (Unknown @ 0x84F39654)
    SSDT[358] : NtSetValueKey @ 0x81E50543 -> HOOKED (Unknown @ 0x84EFA62C)
    SSDT[370] : NtTerminateProcess @ 0x81EA0BFB -> HOOKED (Unknown @ 0x84253F14)
    SSDT[371] : NtTerminateThread @ 0x81EBE584 -> HOOKED (Unknown @ 0x84F341E4)
    SSDT[399] : NtWriteVirtualMemory @ 0x81EA5958 -> HOOKED (Unknown @ 0x84F33EDC)
    S_SSDT[584] : NtUserSetWindowsHookAW -> HOOKED (Unknown @ 0xA5809F2C)
    S_SSDT[585] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x85DFD134)

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\windows\system32\drivers\etc\hosts



    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: Hitachi HTS543216L9SA00 +++++
    --- User ---
    [MBR] 4503d9bf5a67b1e16bd3386b66f0f0bd
    [BSP] f30f5e968a65d4a64fc42340b5f68d85 : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 142369 Mo
    1 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 291573760 | Size: 10240 Mo
    2 - [XXXXXX] UNKNOWN (0xef) [VISIBLE] Offset (sectors): 312545280 | Size: 15 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[1]_S_12252012_02d0221.txt >>
    RKreport[1]_S_12252012_02d0221.txt
     
  4. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    ADWCleaner has removed quite a few Adware threats, but RogueKiller found no problems.

    Has there been any improvement in the systems performance.

    Please run this scan:

    1. Download Malwarebytes Anti-Rootkit from this link mbar
    2. Unzip the File to a convenient location. (Recommend the Desktop)
    3. Open the folder where the contents were unzipped to run mbar.exe

    [​IMG]

    4. Double-click on the mbar.exe file, you may receive a User Account Control prompt asking if you are sure you wish to allow the program to run. Please allow the program to run and MBAR will now start to install any necessary drivers that are required for the program to operate correctly. If a rootkit is interfering with the installation of the drivers you will see a message that states that the DDA driver was not installed and that you should reboot your computer to install it. You will see this image:

    [​IMG]

    5. If you receive this message, please click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer. Once the computer is rebooted and you login, MBAR will automatically start and you will now be at the start screen. (If no Rootkit warning you will go from step 4 to 6.)

    6. The following image opens, select Next.

    [​IMG]

    7. The following image opens, select Update

    [​IMG]

    8. When the Update completes, select Next

    [​IMG]

    9. In the following window ensure "Targets" are ticked. Then select "Scan"

    [​IMG]

    10. If an infection/s is found the "Cleanup Button" to remove threats will be available. A list of infected files will be listed like the following example:

    [​IMG]

    11. Do not select the "Clean up Button" select the "Exit" button, there will be a warning as follows:

    [​IMG]

    12. Select "Yes" to close down the program. If NO infections were found you will see the following image:

    [​IMG]

    13. Select "Exit" to close down.
    14. Copy and paste the two following logs from the mbar folder:

    System - log
    Mbar - log Date and time of scan will also be shown

    [​IMG]
     
  5. ktmac

    ktmac Thread Starter

    Joined:
    Dec 23, 2012
    Messages:
    23
    It seems to be running much faster already. I can't test a video to see if that issue has been resolved (I'm up with my baby right now), but I'll check that later this morning. The malware bytes scan found 2 files.

    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.01.0.1011

    (c) Malwarebytes Corporation 2011-2012

    OS version: 6.1.7601 Windows 7 Service Pack 1 x86

    Account is Administrative

    Internet Explorer version: 9.0.8112.16421

    Java version: 1.6.0_37

    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED
    CPU speed: 1.599000 GHz
    Memory total: 1064558592, free: 94519296

    ------------ Kernel report ------------
    12/26/2012 04:36:27
    ------------ Loaded modules -----------
    \SystemRoot\system32\ntkrnlpa.exe
    \SystemRoot\system32\halmacpi.dll
    \SystemRoot\system32\kdcom.dll
    \SystemRoot\system32\mcupdate_GenuineIntel.dll
    \SystemRoot\system32\PSHED.dll
    \SystemRoot\system32\BOOTVID.dll
    \SystemRoot\system32\CLFS.SYS
    \SystemRoot\system32\CI.dll
    \SystemRoot\system32\drivers\Wdf01000.sys
    \SystemRoot\system32\drivers\WDFLDR.SYS
    \SystemRoot\system32\drivers\ACPI.sys
    \SystemRoot\system32\drivers\WMILIB.SYS
    \SystemRoot\system32\drivers\msisadrv.sys
    \SystemRoot\system32\drivers\pci.sys
    \SystemRoot\system32\drivers\vdrvroot.sys
    \SystemRoot\System32\drivers\partmgr.sys
    \SystemRoot\system32\DRIVERS\compbatt.sys
    \SystemRoot\system32\DRIVERS\BATTC.SYS
    \SystemRoot\system32\drivers\volmgr.sys
    \SystemRoot\System32\drivers\volmgrx.sys
    \SystemRoot\System32\drivers\mountmgr.sys
    \SystemRoot\system32\DRIVERS\iaStor.sys
    \SystemRoot\system32\drivers\amdxata.sys
    \SystemRoot\system32\drivers\fltmgr.sys
    \SystemRoot\system32\drivers\fileinfo.sys
    \SystemRoot\System32\Drivers\Ntfs.sys
    \SystemRoot\System32\Drivers\msrpc.sys
    \SystemRoot\System32\Drivers\ksecdd.sys
    \SystemRoot\System32\Drivers\cng.sys
    \SystemRoot\System32\drivers\pcw.sys
    \SystemRoot\System32\Drivers\Fs_Rec.sys
    \SystemRoot\system32\drivers\ndis.sys
    \SystemRoot\system32\drivers\NETIO.SYS
    \SystemRoot\System32\Drivers\ksecpkg.sys
    \SystemRoot\System32\drivers\tcpip.sys
    \SystemRoot\System32\drivers\fwpkclnt.sys
    \SystemRoot\system32\drivers\volsnap.sys
    \SystemRoot\System32\Drivers\spldr.sys
    \SystemRoot\System32\drivers\rdyboost.sys
    \SystemRoot\System32\Drivers\mup.sys
    \SystemRoot\System32\drivers\hwpolicy.sys
    \SystemRoot\System32\DRIVERS\fvevol.sys
    \SystemRoot\system32\DRIVERS\disk.sys
    \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
    \SystemRoot\System32\Drivers\Null.SYS
    \SystemRoot\System32\Drivers\Beep.SYS
    \SystemRoot\System32\drivers\vga.sys
    \SystemRoot\System32\drivers\VIDEOPRT.SYS
    \SystemRoot\System32\drivers\watchdog.sys
    \SystemRoot\System32\DRIVERS\RDPCDD.sys
    \SystemRoot\system32\drivers\rdpencdd.sys
    \SystemRoot\system32\drivers\rdprefmp.sys
    \SystemRoot\System32\Drivers\Msfs.SYS
    \SystemRoot\System32\Drivers\Npfs.SYS
    \SystemRoot\system32\DRIVERS\tdx.sys
    \SystemRoot\system32\DRIVERS\TDI.SYS
    \SystemRoot\system32\drivers\afd.sys
    \SystemRoot\System32\DRIVERS\netbt.sys
    \SystemRoot\system32\DRIVERS\wfplwf.sys
    \SystemRoot\system32\DRIVERS\pacer.sys
    \SystemRoot\system32\DRIVERS\vwififlt.sys
    \SystemRoot\system32\DRIVERS\netbios.sys
    \SystemRoot\system32\DRIVERS\tmcomm.sys
    \SystemRoot\system32\DRIVERS\tmevtmgr.sys
    \SystemRoot\system32\DRIVERS\tmactmon.sys
    \SystemRoot\system32\DRIVERS\wanarp.sys
    \SystemRoot\system32\DRIVERS\tmtdi.sys
    \SystemRoot\system32\drivers\termdd.sys
    \SystemRoot\system32\DRIVERS\rdbss.sys
    \SystemRoot\system32\drivers\nsiproxy.sys
    \SystemRoot\system32\drivers\mssmbios.sys
    \SystemRoot\System32\drivers\discache.sys
    \SystemRoot\System32\Drivers\dfsc.sys
    \SystemRoot\system32\DRIVERS\ctxusbm.sys
    \SystemRoot\system32\DRIVERS\blbdrive.sys
    \SystemRoot\system32\drivers\AsUpIO.sys
    \SystemRoot\system32\DRIVERS\tunnel.sys
    \SystemRoot\system32\DRIVERS\intelppm.sys
    \SystemRoot\system32\DRIVERS\igdkmd32.sys
    \SystemRoot\System32\drivers\dxgkrnl.sys
    \SystemRoot\System32\drivers\dxgmms1.sys
    \SystemRoot\system32\drivers\HDAudBus.sys
    \SystemRoot\system32\DRIVERS\athr.sys
    \SystemRoot\system32\DRIVERS\vwifibus.sys
    \SystemRoot\system32\DRIVERS\L1C62x86.sys
    \SystemRoot\system32\drivers\usbuhci.sys
    \SystemRoot\system32\drivers\USBPORT.SYS
    \SystemRoot\system32\drivers\usbehci.sys
    \SystemRoot\system32\drivers\i8042prt.sys
    \SystemRoot\system32\DRIVERS\kbfiltr.sys
    \SystemRoot\system32\drivers\kbdclass.sys
    \SystemRoot\system32\DRIVERS\SynTP.sys
    \SystemRoot\system32\DRIVERS\USBD.SYS
    \SystemRoot\system32\drivers\mouclass.sys
    \SystemRoot\system32\DRIVERS\CmBatt.sys
    \SystemRoot\system32\drivers\wmiacpi.sys
    \SystemRoot\system32\drivers\CompositeBus.sys
    \SystemRoot\system32\drivers\povrtdev.sys
    \SystemRoot\system32\drivers\portcls.sys
    \SystemRoot\system32\drivers\drmk.sys
    \SystemRoot\system32\drivers\ks.sys
    \SystemRoot\system32\DRIVERS\AgileVpn.sys
    \SystemRoot\system32\DRIVERS\rasl2tp.sys
    \SystemRoot\system32\DRIVERS\ndistapi.sys
    \SystemRoot\system32\DRIVERS\ndiswan.sys
    \SystemRoot\system32\DRIVERS\raspppoe.sys
    \SystemRoot\system32\DRIVERS\raspptp.sys
    \SystemRoot\system32\DRIVERS\rassstp.sys
    \SystemRoot\system32\drivers\swenum.sys
    \SystemRoot\system32\drivers\umbus.sys
    \SystemRoot\system32\DRIVERS\usbhub.sys
    \SystemRoot\System32\Drivers\NDProxy.SYS
    \SystemRoot\system32\drivers\RTKVHDA.sys
    \SystemRoot\System32\Drivers\crashdmp.sys
    \SystemRoot\System32\Drivers\dump_iaStor.sys
    \SystemRoot\System32\Drivers\dump_dumpfve.sys
    \SystemRoot\System32\win32k.sys
    \SystemRoot\System32\drivers\Dxapi.sys
    \SystemRoot\system32\DRIVERS\monitor.sys
    \SystemRoot\system32\DRIVERS\usbccgp.sys
    \SystemRoot\System32\Drivers\usbvideo.sys
    \SystemRoot\System32\TSDDD.dll
    \SystemRoot\System32\cdd.dll
    \SystemRoot\system32\drivers\luafv.sys
    \SystemRoot\system32\DRIVERS\lltdio.sys
    \SystemRoot\system32\DRIVERS\nwifi.sys
    \SystemRoot\system32\DRIVERS\ndisuio.sys
    \SystemRoot\system32\DRIVERS\rspndr.sys
    \SystemRoot\system32\drivers\HTTP.sys
    \SystemRoot\system32\DRIVERS\bowser.sys
    \SystemRoot\System32\drivers\mpsdrv.sys
    \SystemRoot\system32\DRIVERS\mrxsmb.sys
    \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    \SystemRoot\system32\drivers\peauth.sys
    \SystemRoot\System32\Drivers\secdrv.SYS
    \SystemRoot\System32\DRIVERS\srvnet.sys
    \SystemRoot\System32\drivers\tcpipreg.sys
    \SystemRoot\System32\DRIVERS\srv2.sys
    \SystemRoot\System32\DRIVERS\srv.sys
    \SystemRoot\System32\Drivers\fastfat.SYS
    \??\C:\windows\system32\drivers\mbamchameleon.sys
    \??\C:\windows\system32\drivers\mbamswissarmy.sys
    \Windows\System32\ntdll.dll
    \Windows\System32\smss.exe
    \Windows\System32\apisetschema.dll
    \Windows\System32\autochk.exe
    \Windows\System32\shlwapi.dll
    \Windows\System32\msctf.dll
    \Windows\System32\nsi.dll
    \Windows\System32\lpk.dll
    \Windows\System32\gdi32.dll
    \Windows\System32\rpcrt4.dll
    \Windows\System32\normaliz.dll
    \Windows\System32\comdlg32.dll
    \Windows\System32\clbcatq.dll
    \Windows\System32\ole32.dll
    \Windows\System32\shell32.dll
    \Windows\System32\difxapi.dll
    \Windows\System32\kernel32.dll
    \Windows\System32\advapi32.dll
    \Windows\System32\ws2_32.dll
    \Windows\System32\msvcrt.dll
    \Windows\System32\oleaut32.dll
    \Windows\System32\sechost.dll
    \Windows\System32\wininet.dll
    \Windows\System32\usp10.dll
    \Windows\System32\iertutil.dll
    \Windows\System32\urlmon.dll
    \Windows\System32\psapi.dll
    \Windows\System32\setupapi.dll
    \Windows\System32\imm32.dll
    \Windows\System32\Wldap32.dll
    \Windows\System32\imagehlp.dll
    \Windows\System32\user32.dll
    \Windows\System32\wintrust.dll
    \Windows\System32\cfgmgr32.dll
    \Windows\System32\KernelBase.dll
    \Windows\System32\comctl32.dll
    \Windows\System32\devobj.dll
    \Windows\System32\crypt32.dll
    \Windows\System32\msasn1.dll
    ----------- End -----------
    <<<1>>>
    Upper Device Name: \Device\Harddisk0\DR0
    Upper Device Object: 0xffffffff84c3e9a8
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\Ide\IAAStorageDevice-0\
    Lower Device Object: 0xffffffff83e49028
    Lower Device Driver Name: \Driver\iaStor\
    Driver name found: iaStor
    DriverEntry returned 0x0
    Function returned 0x0
    Downloaded database version: v2012.12.26.09
    Initializing...
    Done!
    <<<2>>>
    Device number: 0, partition: 1
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xffffffff84c3e9a8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xffffffff84c3e5e0, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xffffffff84c3e9a8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    DevicePointer: 0xffffffff84252958, DeviceName: Unknown, DriverName: \Driver\ACPI\
    DevicePointer: 0xffffffff83e49028, DeviceName: \Device\Ide\IAAStorageDevice-0\, DriverName: \Driver\iaStor\
    ------------ End ----------
    Upper DeviceData: 0xffffffffbf25a7f8, 0xffffffff84c3e9a8, 0xffffffff837693a0
    Lower DeviceData: 0xffffffffbf84bd48, 0xffffffff83e49028, 0xffffffffa59c4c50
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Scanning directory: C:\windows\system32\drivers...
    Done!
    Drive 0
    Scanning MBR on drive 0...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: 998ABF18

    Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048 Numsec = 291571712
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Other (0x1b)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 291573760 Numsec = 20971520

    Partition 2 type is Other (0xef)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 312545280 Numsec = 31425

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Disk Size: 160041885696 bytes
    Sector size: 512 bytes

    Scanning physical sectors of unpartitioned space on drive 0 (1-2047-312561808-312581808)...
    Done!
    Performing system, memory and registry scan...
    Infected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search\Protected Search Settings.lnk --> [PUP.ProtectedSearch]
    Infected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search --> [PUP.ProtectedSearch]
    Done!
    Scan finished
    =======================================

    Malwarebytes Anti-Rootkit 1.01.0.1011
    www.malwarebytes.org

    Database version: v2012.12.26.09

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Katie :: KATIE-PC [administrator]

    12/26/2012 5:17:55 AM
    mbar-log-2012-12-26 (05-17-55).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled:
    Objects scanned: 30132
    Time elapsed: 40 minute(s), 57 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 1
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search (PUP.ProtectedSearch) -> Delete on reboot.

    Files Detected: 1
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search\Protected Search Settings.lnk (PUP.ProtectedSearch) -> Delete on reboot.

    (end)
     
  6. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Mbar has detected a program "Protected Search" as a PUP (Potentially unwanted program). This is most likely a false positive and nothing to worry about, but if you don't use this software I would suggest you remove it.

    Let me know how the video test goes.

    I would suggest running this scan to clear out temporary files, it may speed it up a little more. There is no log to post.

    Download Temporary file cleaner and save it to the desktop.
    Double click on the icon to run it (it appears as a dark grey dustbin). For Windows 7 and Vista right click the icon and select Run as Administrator.
    When the window opens click on Start. It will close all running programs and clear the desktop icons.
    When complete you may be asked to reboot, if so accept the request and your PC will reboot automatically.
     
  7. ktmac

    ktmac Thread Starter

    Joined:
    Dec 23, 2012
    Messages:
    23
    I did the video check before I ran the Temporary File Clean-up and it works great!!

    Is there anything you would recommend as far as maintenance? (Being careful about downloads goes without saying. ;) )

    Thanks so much for your help! Just let me know if there's anything more I need to do.
     
  8. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Glad to hear all is well. It would appear your only problem was a toolbar which ADWCleaner removed called search.certified, it had also hijacked your start and search pages.

    These kind of infections are normally installed by mistake when installing new software, many programs come bundled with add-ons and if you don't look for the option to leave them out they get installed.

    If you do regular scans with ADWCleaner, TFC and your Anti Virus it should help keep the PC clean. I would suggest you delete RogueKiller as it requires specialized knowledge to read the logs.

    I can see in your logs that Java is out of date and older versions can be prone to get infected. Please run the following scan to check for any other security risks from out of date software, I'll then post instructions to update anything found.

    Download Security Check by screen317 from Here or Here.
    Save it to your Desktop.
    Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
    A Notepad document should open automatically called checkup.txt; please Copy & Paste the contents of that document into your next reply.
     
  9. ktmac

    ktmac Thread Starter

    Joined:
    Dec 23, 2012
    Messages:
    23
    Results of screen317's Security Check version 0.99.56
    Windows 7 Service Pack 1 x86 (UAC is enabled)
    Internet Explorer 9
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Trend Micro Titanium 2012
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Java(TM) 6 Update 37
    Java version out of Date!
    Adobe Flash Player 11.5.502.135
    Adobe Reader 10.1.4 Adobe Reader out of Date!
    Google Chrome 18.0.1025.162
    Google Chrome 21.0.1180.83
    Google Chrome 21.0.1180.89
    Google Chrome 22.0.1229.79
    Google Chrome 22.0.1229.92
    Google Chrome 22.0.1229.94
    Google Chrome 23.0.1271.64
    Google Chrome 23.0.1271.91
    Google Chrome 23.0.1271.95
    Google Chrome 23.0.1271.97
    ````````Process Check: objlist.exe by Laurent````````
    Trend Micro AMSP coreServiceShell.exe
    Trend Micro UniClient UiFrmWrk uiWatchDog.exe
    Trend Micro UniClient UiFrmWrk uiSeAgnt.exe
    Trend Micro AMSP coreFrameworkHost.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 1%
    ````````````````````End of Log``````````````````````
     
  10. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Please follow this to update Java and Adobe.

    Adobe
    Close any programs you may have running - especially your web browser.
    Click on Start [​IMG] > Control Panel, double-click on Programs and Features and uninstall the following Adobe entries:

    Adobe Reader 10.1.4

    NOTE: For XP click on [​IMG] > Control Panel, double-click on Add or Remove Programs and continue as above.

    Then go to this link Adobe Downloads and select the latest version to download and install. You will see this page below, click on the appropriate button for for the Adobe product that was just removed.

    [​IMG]

    You will now see a page similar to this one:

    [​IMG]

    All four Adobe products, Reader, Flash Player, Air and Shockwave Player are set by default to download the version for Windows Operating Systems and for Internet Explorer in English. If you are using a Macintosh, or you want to use the Adobe product with a different Browser or language you must click on the line (as indicated in the above image) to make further selections to meet your requirements.

    As you will see in the above image the Adobe Reader is set for Windows 7, please click (as indicated) if you are using a different version of Windows to make further selections. All the other Adobe products are universal and you will only need to change the selection for different Browsers, Languages or for Macintosh.
    NOTE: In all the downloads look out for the Google Toolbar and uncheck the box if you do not need it.

    Some additional instructions may appear for XP installations. In all cases save the download to your desktop, then close your browser and double click on the Adobe icon on your desktop to install it. If you have any problems installing, disconnect from the internet and disable your Anti Virus and any other security software, instructions for most AV's, etc. can be found here: How to disable security software.

    ============================================================


    Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
    Please follow these steps to remove older version of Java and update.

    How to update Java:
    Be aware that the act of downloading any Java installer means that you have read and agree to abide by the end users license agreement.
    End user licence agreement

    First uninstall all existing versions of Java.

    • Go to Start > Control Panel double-click on Add/Remove programs (or Programs and Features) and click on any item with Java, Java(TM), JRE or J2SE in the name.
    • Click the Uninstall, Remove or Change/Remove button and allow it to uninstall.
    • If a User Account Control warning appears click on Allow.
    • Repeat as many times as necessary to remove each and every item.
    • Reboot your computer once all Java components are removed.

    NOTE: If you have a 64bit version of Windows and are using the 64bit version of Internet Explorer the Java site will automatically give you the correct Java version using the instructions below,
    but it is recommended that you use only 32bit browsers and versions of Java. Please read this for further information: Which Java download should I choose for my 64bit operating system?.
    If you install Java for the 64bit version of Internet Explorer and you use any other browser you will also need to repeat the installation while using your other browser which will most likely be 32bit. If in doubt please ask.


    How to install the latest version.

    • Open the browser that you normally use and click on this link: Java Download
    • Click on the big red button Free Java Download
    • On the next page click on the big red button Agree and Start Free Download
    • Select Run whenever the option appears. If no Run option appears click on Save and then when the download completes click on Run. If a User Account Control warning appears click on Continue.
    • When the Welcome to Java window appears click on Install.
    • It may takes several minutes to download the installer depending on the speed of your connection, allow it to complete.
    • If any error messages appear click on OK and then click on the Agree and start free download button again.
    • Please wait for the Java Setup window to appear. Uncheck the box to install the Ask Toolbar and then click on Next.
    • NOTE: The Ask Toolbar option may change without notice to something different, please make sure you uncheck the box for anything else that is offered. On some systems this offer may not appear, in which case, continue with the next instruction.
    • You will then see the Java Setup Progress window and another will appear for JavaFX (on some systems the JavaFX will not appear or be installed). Finally the Java Setup Complete window will appear, click on Close.
    • If a Java page then appears with a button to Verify Java Version click on it and it will verify the installation.
    • The Installation is now complete, please reboot the system.
    • NOTE: The JavaFX component is not required unless you are developing Java applications. It is perfectly safe to keep on your system, but if you wish to uninstall it please do so.
     
  11. ktmac

    ktmac Thread Starter

    Joined:
    Dec 23, 2012
    Messages:
    23
    OK, great. I've updated both of those now.

    I am getting a message every time I restart saying "An item with the same key has already been added." This started after I've been working to get rid of the malware. Any ideas what that could be?
     
  12. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    A quick Google only gave me a rough idea that it is an error thrown when running new programs that you have written yourself. Do you get the same error appear if you boot into Safe Mode with Networking.
     
  13. ktmac

    ktmac Thread Starter

    Joined:
    Dec 23, 2012
    Messages:
    23
    Ha! I have definitely not written any programs... I'll try to get into safe mode and see what happens.
     
  14. ktmac

    ktmac Thread Starter

    Joined:
    Dec 23, 2012
    Messages:
    23
    I tried it in safe mode and the message doesn't come up.
     
  15. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Ok, as it does not happen in Safe Mode which only has the minimum of services and processes running we should be able to isolate the cause.


    Part 1
    Selective Startup (Clean Boot)
    I would recommend you print out these instructions and follow them slowly, one line at a time, as it is very easy to get confused with this. Unfortunately this is probably the only way we can find what is causing your problem.

    • Click on Start [​IMG] then type msconfig into the Search box and hit the Enter key.
    • This screen should appear with the settings as shown:

    [​IMG]

    • Click on the Services tab and you should see this, click on the box next to Hide all Microsoft Services so a check mark appears.

    [​IMG]

    • Now click on the General tab and check the boxes as shown:

    [​IMG]

    • When done click on Apply and then OK.
    • The window will close and you will see a notification with two choices, click on Restart.


    Now run the system and check to see if the problem has been cured. Tell me the outcome in your next reply.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1082120

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice