1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Slow response time, wireless connection problems, shut down takes forever

Discussion in 'Virus & Other Malware Removal' started by cybergrrl, Feb 7, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. cybergrrl

    cybergrrl Thread Starter

    Joined:
    Dec 15, 2003
    Messages:
    63
    I have a Toshiba Satellite L505 running Windows 7 Home Premium, 3GB ram, 2.1GHz Intel Core2 Duo. I bought it new 11/10. I've had increasing problems over the past several months - IE(9) often crashes, especially when I try to open a PDF from the web. Sometimes other browsers can't open PDFs either. Sometimes IE just processes and doesn't open any webpage. I'm continually asked to install Google Toolbar, and it won't accept "don't allow". Sometimes I get a message that a program has tried to change my home page. I've ran several programs to try and fix things - Ad-Aware, Spybot, System Mechanic Premium, System Suite, and Driver Genius. I usually installed, ran, and uninstalled these utilities in hopes they wouldn't conflict with each other. I used AVG from the time I bought the PC until it expired this month andI switched to Kasperskys. I suspect trying a variety of products only made matters worse or my obsession with Jenkat Games has wrecked havoc with the system.

    When it started taking over 2 min to start up and over 3 min to shut down, I decided to turn to you. When I ran HJT, I got an error message - see the message and host images attached as hjterror.doc. I clicked ok and hjt went ahead and ran.
    When I ran the GMER scan, it scanned for 40 hrs straight before I finally clicked on 'stop' and saved the file. At one point it was scanning the C:\ windows folder and 12 hrs later it was scanning C:\games so I think it was in a loop. It didn't add any entries into the log for at least the last 30 hrs. After that, I lost wireless connection and could not shut down. Upon restart my wireless connection was disabled and I went through several troubleshooting steps to finally enable it again.

    Please help. Here are the requested files:

    -----------------------------------------Hijack This ----------------------------------------------------------
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 2:14:53 PM, on 2/5/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\windows\system32\taskhost.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\windows\system32\taskeng.exe
    C:\windows\System32\rundll32.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\windows\system32\igfxsrvc.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
    C:\Program Files\TOSHIBA\TECO\TEco.exe
    C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe
    C:\windows\system32\igfxext.exe
    C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
    C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files\Real\RealPlayer\Update\realsched.exe
    C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Nuance\PDF Professional 6\PdfPro6Hook.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
    C:\Program Files\Logitech\Vid HD\Vid.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Program Files\PrintKey2000\Printkey2000.exe
    C:\Program Files\Microsoft Office\Office12\WINWORD.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mhcc.edu/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: SBCONVERT - {31B27F2D-6BC6-451B-B3D2-4EAB36B2FC3B} - (no file)
    O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: Download Accelerator Plus Integration - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
    O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    O4 - HKLM\..\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
    O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
    O4 - HKLM\..\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
    O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
    O4 - HKLM\..\Run: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
    O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
    O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [iolo Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe"
    O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
    O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Nuance\PDF Professional 6\pdfpro6hook.exe
    O4 - HKLM\..\Run: [PDF6 Registry Controller] C:\Program Files\Nuance\PDF Professional 6\RegistryController.exe
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
    O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OABVAFMAUgAtAE4ATgBZAEsAVQAtAFIANABEAEYAQwAtAFUATABBADgAUgAtAEUATABFAEcATQAtADQARgBVADQATQA"&"inst=NwA2AC0ANQAyADkAMAAzADAANgA1ADQALQBYAE8AMwA2ACsAMQAtAE4AMQBEACsAMQAtAFQAQgA5ACsAMgAtAFAATAArADkALQBEAEQAVAArADQAMQAxADEAOQAtAEQARAA5ADAAKwAxAC0AUwBUADkAMABBAFAAUAArADEALQBQADkAMABNADEAMgBDACsAMQAtAFUAOQA1ACsAMQAtAFQAQgArADEALQBGAFUASQArADIALQBQADkAMABUAEIAKwAyAA"&"prod=54"&"ver=9.0.894
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Becky\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
    O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Agent - Unknown owner - C:\windows\agent.exe
    O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\httpd.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
    O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - c:\xampp\FileZillaFTP\FileZillaServer.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld.exe
    O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
    O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
    O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
    O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~2\VideoAcceleratorService.exe
    O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

    --
    End of file - 15586 bytes

    ----------------------------------------------- DDS file ------------------------------------------------
    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421
    Run by Becky at 14:16:47 on 2012-02-05
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2940.1567 [GMT -8:00]
    .
    AV: Kaspersky Anti-Virus *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Kaspersky Anti-Virus *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
    .
    ============== Running Processes ===============
    .
    C:\windows\system32\wininit.exe
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\agent.exe
    C:\windows\system32\svchost.exe -k RPCSS
    C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k LocalService
    C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\System32\spoolsv.exe
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    c:\xampp\apache\bin\httpd.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\windows\system32\svchost.exe -k hpdevmgmt
    C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
    c:\xampp\mysql\bin\mysqld.exe
    C:\windows\System32\svchost.exe -k HPZ12
    C:\windows\System32\svchost.exe -k HPZ12
    C:\windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\TODDSrv.exe
    C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    C:\Program Files\TOSHIBA\TECO\TecoService.exe
    C:\PROGRA~1\SPEEDB~2\VideoAcceleratorService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\windows\system32\taskhost.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\windows\system32\taskeng.exe
    C:\xampp\apache\bin\httpd.exe
    C:\windows\system32\taskeng.exe
    C:\PROGRA~1\SPEEDB~2\VideoAcceleratorEngine.exe
    C:\windows\system32\svchost.exe -k HPService
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\windows\System32\rundll32.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\windows\system32\igfxsrvc.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
    C:\Program Files\TOSHIBA\TECO\TEco.exe
    C:\windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe
    C:\windows\system32\igfxext.exe
    C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
    C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files\Real\RealPlayer\Update\realsched.exe
    C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Nuance\PDF Professional 6\PdfPro6Hook.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
    C:\Program Files\Logitech\Vid HD\Vid.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\windows\system32\DllHost.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
    C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
    C:\windows\System32\svchost.exe -k secsvcs
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe
    C:\windows\servicing\TrustedInstaller.exe
    C:\Program Files\PrintKey2000\Printkey2000.exe
    C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
    C:\windows\system32\vssvc.exe
    C:\windows\System32\svchost.exe -k swprv
    C:\Program Files\DAP\DAP.EXE
    C:\Program Files\Common Files\Speedbit\SbUpdate\SBUpdate.exe
    C:\windows\system32\SearchProtocolHost.exe
    C:\windows\system32\SearchFilterHost.exe
    C:\windows\system32\DllHost.exe
    C:\windows\system32\DllHost.exe
    C:\windows\system32\conhost.exe
    C:\windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uSearch Page =
    uStart Page = hxxp://www.mhcc.edu/
    uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
    uSearch Bar =
    mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
    mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
    uInternet Settings,ProxyOverride = *.local
    mURLSearchHooks: H - No File
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: {31B27F2D-6BC6-451B-B3D2-4EAB36B2FC3B} - No File
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\ievkbd.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
    BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
    BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    BHO: Download Accelerator Plus Integration: {ff6c3cf0-4b15-11d1-abed-709549c10000} - c:\progra~1\dap\DAPIEL~1.DLL
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    {e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
    uRun: [Google Update] "c:\users\becky\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [AdobeBridge]
    uRun: [Logitech Vid] "c:\program files\logitech\vid hd\Vid.exe" -bootmode
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [ISUSPM] c:\programdata\flexnet\connect\11\ISUSPM.exe -scheduler
    uRun: [DownloadAccelerator] "c:\program files\dap\DAP.EXE" /STARTUP
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
    mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
    mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    mRun: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
    mRun: [ToshibaServiceStation] "c:\program files\toshiba\toshiba service station\ToshibaServiceStation.exe" /hide:60
    mRun: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
    mRun: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
    mRun: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
    mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe
    mRun: [NortonOnlineBackupReminder] "c:\program files\toshiba\toshiba online backup\activation\TobuActivation.exe" UNATTENDED
    mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
    mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
    mRun: [Adobe_ID0ENQBO] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
    mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
    mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [iolo Startup] "c:\program files\iolo\common\lib\ioloLManager.exe"
    mRun: [ROC_roc_dec12] "c:\program files\avg secure search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
    mRun: [PDFHook] c:\program files\nuance\pdf professional 6\pdfpro6hook.exe
    mRun: [PDF6 Registry Controller] c:\program files\nuance\pdf professional 6\RegistryController.exe
    mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 2011\avp.exe"
    mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OABVAFMAUgAtAE4ATgBZAEsAVQAtAFIANABEAEYAQwAtAFUATABBADgAUgAtAEUATABFAEcATQAtADQARgBVADQATQA"&"inst=NwA2AC0ANQAyADkAMAAzADAANgA1ADQALQBYAE8AMwA2ACsAMQAtAE4AMQBEACsAMQAtAFQAQgA5ACsAMgAtAFAATAArADkALQBEAEQAVAArADQAMQAxADEAOQAtAEQARAA5ADAAKwAxAC0AUwBUADkAMABBAFAAUAArADEALQBQADkAMABNADEAMgBDACsAMQAtAFUAOQA1ACsAMQAtAFQAQgArADEALQBGAFUASQArADIALQBQADkAMABUAEIAKwAyAA"&"prod=54"&"ver=9.0.894
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: &Clean Traces - c:\program files\dap\privacy package\dapcleanerie.htm
    IE: &Download with &DAP - c:\program files\dap\dapextie.htm
    IE: &Search
    IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
    IE: Download &all with DAP - c:\program files\dap\dapextie2.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office12\EXCEL.EXE/3000
    IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mif5ba~1\office12\REFIEBAR.DLL
    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    Trusted Zone: mhcc.edu\palmer
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 198.5.254.1 198.5.254.5 192.168.2.1
    TCP: Interfaces\{98D82780-5106-43BB-B89A-084C36B09AB6} : DhcpNameServer = 198.5.254.1 198.5.254.5 192.168.2.1
    TCP: Interfaces\{98D82780-5106-43BB-B89A-084C36B09AB6}\23035313E6564777F627B6 : DhcpNameServer = 68.87.69.150 68.87.85.102
    TCP: Interfaces\{98D82780-5106-43BB-B89A-084C36B09AB6}\54447454736373 : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{98D82780-5106-43BB-B89A-084C36B09AB6}\745756374784F65737560213 : DhcpNameServer = 192.168.10.1 10.1.10.1
    TCP: Interfaces\{98D82780-5106-43BB-B89A-084C36B09AB6}\D4843434F53547574656E647 : DhcpNameServer = 172.17.10.3 205.171.3.65 205.171.2.65
    TCP: Interfaces\{98D82780-5106-43BB-B89A-084C36B09AB6}\D4843434F57457563747 : DhcpNameServer = 205.171.3.65 205.171.2.65
    TCP: Interfaces\{98D82780-5106-43BB-B89A-084C36B09AB6}\E4F627D637 : DhcpNameServer = 68.105.28.17 68.105.29.17
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\dap\dapie.dll
    Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\dap\dapie.dll
    Notify: igfxcui - igfxdev.dll
    Notify: klogon - c:\windows\system32\klogon.dll
    mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - c:\program files\toshiba\my toshiba\MyToshiba.exe /SETUP
    mASetup: Neat ADF Scanner 2008 - reg copy "HKLM\Software\The Neat Company\Neat ADF Scanner 2008" "HKCU\Software\The Neat Company\Neat ADF Scanner 2008" /s /f
    mASetup: Send To Neat - reg copy "HKLM\Software\The Neat Company\Send To Neat" "HKCU\Software\The Neat Company\Send To Neat" /s /f
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\becky\appdata\roaming\mozilla\firefox\profiles\plldunnw.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.mhcc.edu/
    FF - component: c:\program files\dap\dapfirefox\components\DAPFireFox.dll
    FF - component: c:\program files\google\google gears\firefox\lib\ff36\gears.dll
    FF - component: c:\program files\speedbit video downloader\spfirefox\components\Engine.dll
    FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
    FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
    FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
    FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: c:\program files\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
    FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
    FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\1\NP_wtapp.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
    FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
    FF - plugin: c:\users\becky\appdata\local\google\update\1.3.21.99\npGoogleUpdate3.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2011-11-7 56208]
    R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2012-1-22 20392]
    R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2010-4-22 22104]
    R1 RapportCerberus_34302;RapportCerberus_34302;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\34302\RapportCerberus32_34302.sys [2011-12-16 228208]
    R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2011-11-7 71440]
    R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2011-11-7 164112]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
    R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
    R2 Agent;Agent;c:\windows\agent.exe [2012-1-28 155648]
    R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2011-9-10 18432]
    R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky anti-virus 2011\avp.exe [2010-11-2 365336]
    R2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2009-8-10 185712]
    R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]
    R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2012-1-22 722616]
    R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2011-11-7 931640]
    R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\toshiba\teco\TecoService.exe [2009-8-11 185712]
    R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2009-6-19 12920]
    R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\speedb~2\videoacceleratorservice.exe -start -scm --> c:\progra~1\speedb~2\VideoAcceleratorService.exe -start -scm [?]
    R2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\cisco\cisco anyconnect vpn client\vpnagent.exe [2009-6-17 434864]
    R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2009-10-28 7680]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19984]
    R3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [2009-10-28 24064]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
    R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\drivers\rtl8192se.sys [2010-4-26 1011232]
    R3 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2009-10-28 54136]
    R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-9-17 111960]
    R3 TPCHSrv;TPCH Service;c:\program files\toshiba\tphm\TPCHSrv.exe [2009-8-6 685424]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-15 135664]
    S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 284016]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-15 135664]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-10-28 171520]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-5-20 52224]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-4 1343400]
    S4 PDFProFiltSrv;PDFProFiltSrv;c:\program files\nuance\pdf professional 6\PDFProFiltSrv.exe [2009-11-2 134944]
    .
    =============== File Associations ===============
    .
    JSEFile=NOTEPAD.EXE %1
    regfile=NOTEPAD.EXE %1
    .
    =============== Created Last 30 ================
    .
    2012-02-05 21:23:41 388096 ----a-r- c:\users\becky\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2012-02-05 21:23:40 -------- d-----w- c:\program files\Trend Micro
    2012-02-05 03:52:25 6557240 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{cf19e064-5c56-433a-b9d6-ba99be73e571}\mpengine.dll
    2012-02-04 18:21:20 150200 ----a-w- c:\program files\mozilla firefox\extensions\[email protected]_bak\components\kavlinkfilter.dll
    2012-02-04 18:21:13 97961 ----a-w- c:\windows\system32\drivers\klick.dat
    2012-02-04 18:21:13 115369 ----a-w- c:\windows\system32\drivers\klin.dat
    2012-02-04 18:20:13 -------- d-----w- c:\program files\Kaspersky Lab
    2012-02-04 18:20:12 -------- d-----w- c:\programdata\Kaspersky Lab
    2012-02-04 18:05:54 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
    2012-02-01 01:17:33 -------- d-----w- c:\users\becky\appdata\roaming\Zeon
    2012-02-01 01:15:44 -------- d-----w- c:\users\becky\appdata\roaming\FLEXnet
    2012-01-31 03:23:19 -------- d-----w- c:\programdata\Nuance
    2012-01-31 03:22:16 -------- d-----w- c:\programdata\zeon
    2012-01-31 03:21:59 -------- d-----w- c:\program files\common files\ScanSoft Shared
    2012-01-31 03:21:17 -------- d-----w- C:\speech
    2012-01-31 03:21:16 -------- d-----w- c:\program files\Nuance
    2012-01-31 03:04:46 -------- d-----w- c:\users\becky\appdata\roaming\Neat
    2012-01-31 03:04:35 -------- d-----w- c:\users\becky\appdata\roaming\Nuance
    2012-01-28 08:30:47 -------- d-----w- c:\users\becky\appdata\local\The Neat Company
    2012-01-28 08:20:33 155648 ----a-w- c:\windows\agent.exe
    2012-01-28 08:20:32 -------- d-----w- c:\program files\Send To Neat
    2012-01-28 08:20:26 46592 ----a-w- c:\windows\system32\sdtnpm.dll
    2012-01-28 08:17:14 -------- d-----w- c:\program files\common files\NeatReceipts
    2012-01-28 08:15:56 -------- d-----w- c:\programdata\The Neat Company
    2012-01-28 08:15:51 -------- d-----w- c:\program files\Neat
    2012-01-28 08:15:50 -------- d-----w- c:\program files\common files\The Neat Company
    2012-01-28 06:59:17 -------- d-----w- c:\program files\Microsoft Synchronization Services
    2012-01-26 01:49:47 -------- d-----w- c:\program files\common files\Alien Shooter
    2012-01-26 01:49:47 -------- d-----w- c:\program files\Alien Shooter
    2012-01-23 13:44:28 74703 ----a-w- c:\windows\system32\mfc45.dll
    2012-01-23 03:34:46 20392 ----a-w- c:\windows\system32\drivers\ElRawDsk.sys
    2012-01-23 03:34:08 511328 ----a-w- c:\program files\common files\microsoft shared\capicom\CAPICOM.DLL
    2012-01-23 03:34:07 2083464 ----a-w- c:\windows\system32\Incinerator32.dll
    2012-01-23 03:34:03 56200 ----a-w- c:\windows\system32\offreg.dll
    2012-01-23 03:34:03 29696 ----a-w- c:\windows\system32\iolobtdfg.exe
    2012-01-23 03:34:03 11776 ----a-w- c:\windows\system32\smrgdf.exe
    2012-01-23 03:34:02 -------- d-----w- c:\program files\iolo
    2012-01-23 03:23:17 -------- d-----w- c:\users\becky\appdata\roaming\iolo
    2012-01-23 03:20:42 -------- d-----w- c:\users\becky\appdata\local\Avanquest_Software
    2012-01-23 02:38:22 -------- d-sh--r- C:\_Backup.RC
    2012-01-23 02:35:23 -------- d--h--w- C:\_Backup
    2012-01-23 02:34:03 -------- d-----w- c:\users\becky\appdata\roaming\Avanquest
    2012-01-23 02:33:46 -------- d-----w- c:\programdata\Avanquest
    2012-01-21 22:23:05 -------- d-----w- c:\programdata\iolo
    2012-01-15 21:51:43 -------- d-----w- c:\users\becky\appdata\local\{4DDDA5E9-E2BC-4D03-B94F-6216E37E5B92}
    2012-01-15 20:39:23 -------- d-----w- c:\users\becky\appdata\local\{2A274E20-BA0D-4858-9C5A-3A3381458FED}
    2012-01-15 20:38:29 -------- d-----w- c:\users\becky\appdata\local\{B0B8067C-FFDF-4101-9ACD-08A67C4709E9}
    2012-01-15 20:38:18 -------- d-----w- c:\users\becky\appdata\local\{79C8E3AF-8260-4896-AA9E-88EB52A5CD62}
    2012-01-13 14:42:49 369352 ----a-w- c:\windows\system32\drivers\cng.sys
    2012-01-13 14:42:49 224768 ----a-w- c:\windows\system32\schannel.dll
    2012-01-13 14:42:49 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
    2012-01-13 14:42:49 1038848 ----a-w- c:\windows\system32\lsasrv.dll
    2012-01-13 14:42:48 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2012-01-13 14:42:48 314880 ----a-w- c:\windows\system32\webio.dll
    2012-01-13 14:42:48 22528 ----a-w- c:\windows\system32\lsass.exe
    2012-01-13 14:42:48 22016 ----a-w- c:\windows\system32\secur32.dll
    2012-01-13 14:42:48 15872 ----a-w- c:\windows\system32\sspisrv.dll
    2012-01-13 14:42:48 100352 ----a-w- c:\windows\system32\sspicli.dll
    2012-01-13 07:02:33 -------- d-----w- c:\program files\iPod
    2012-01-13 07:02:31 -------- d-----w- c:\program files\iTunes
    2012-01-11 01:53:35 1288472 ----a-w- c:\windows\system32\ntdll.dll
    2012-01-11 01:53:33 1328128 ----a-w- c:\windows\system32\quartz.dll
    2012-01-11 01:53:32 514560 ----a-w- c:\windows\system32\qdvd.dll
    2012-01-11 01:53:30 67072 ----a-w- c:\windows\system32\packager.dll
    2012-01-08 06:27:10 -------- d-----w- c:\users\becky\appdata\roaming\Funswitch
    2012-01-08 02:48:10 -------- d-----w- c:\program files\Fishdom H2O- Hidden Odyssey
    2012-01-08 02:48:10 -------- d-----w- c:\program files\common files\Fishdom H2O- Hidden Odyssey
    .
    ==================== Find3M ====================
    .
    2012-01-27 08:21:24 237072 ------w- c:\windows\system32\MpSigStub.exe
    2012-01-21 23:52:21 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-12-17 20:57:18 1643712 ----a-w- c:\users\becky\spiritofwandering_1416.exe
    2011-12-03 06:00:33 499712 ----a-w- c:\windows\system32\msvcp71.dll
    2011-12-03 06:00:33 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2011-11-24 04:25:27 2342912 ----a-w- c:\windows\system32\win32k.sys
    2011-11-08 05:28:38 56208 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
    2010-01-26 04:37:33 774144 ----a-w- c:\program files\RngInterstitial.dll
    .
    ============= FINISH: 14:18:16.26 ===============

    --------------------------------------------- ark.txt --------------------------------------------------------------------
    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-02-07 06:16:56
    Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PB2O
    Running: 32ck2qu5.exe; Driver: C:\Users\Becky\AppData\Local\Temp\uwloikob.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0x91537DAA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcConnectPort [0x91539FE8]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcCreatePort [0x9153A262]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcSendWaitReceivePort [0x9153A4D8]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwAssignProcessToJobObject [0x8B5D6080]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwClose [0x915386BE]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwConnectPort [0x915394F2]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateEvent [0x91539A3C]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwCreateFile [0x8B5D6BDE]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateMutant [0x91539922]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0x91537998]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreatePort [0x915397F6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSection [0x91537B40]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSemaphore [0x91539B5C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSymbolicLinkObject [0x915512D0]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThread [0x91538344]
    SSDT \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys ZwCreateThreadEx [0x915B2640]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateUserProcess [0x9153A722]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateWaitablePort [0x9153988C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDebugActiveProcess [0x9153B24A]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwDeleteFile [0x8B5D6DD6]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwDeleteKey [0x8B5DA5AC]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwDeleteValueKey [0x8B5DA5DE]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0x91538E1C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDuplicateObject [0x9153C458]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwFsControlFile [0x91538C2A]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwLoadDriver [0x9153B33C]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwLoadKey [0x8B5DA740]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwMapViewOfSection [0x915512F0]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenEvent [0x91539AD2]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwOpenFile [0x8B5D6CF6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenMutant [0x915399B2]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwOpenProcess [0x8B5D61F6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSection [0x9153B83E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSemaphore [0x91539BF2]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwOpenThread [0x8B5D63EA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwPlugPlayControl [0x915512E0]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwProtectVirtualMemory [0x8B5D651C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryDirectoryObject [0x9153A7DC]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQuerySection [0x9153BDDE]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwQueryValueKey [0x8B5DA6B6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueueApcThread [0x9153B6D0]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwRenameKey [0x8B5DA620]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwReplaceKey [0x8B5DA652]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyPort [0x91539F56]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0x91539E1C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0x9153AFE4]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwRestoreKey [0x8B5DA684]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwResumeThread [0x9153C2FA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSaveKey [0x915365EA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSecureConnectPort [0x91539238]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwSetContextThread [0x8B5D6026]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwSetInformationFile [0x8B5D6E7C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetInformationToken [0x9153A87E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSecurityObject [0x9153B4DA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSystemInformation [0x9153BF2E]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwSetValueKey [0x8B5DA544]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendProcess [0x9153C020]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwSuspendThread [0x8B5D5FC0]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSystemDebugControl [0x9153B16E]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwTerminateProcess [0x8B5D5EE8]
    SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwTerminateThread [0x8B5D5F30]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0x9153BC82]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0x9153827A]

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!ZwSaveKey + 13D1 8307E369 1 Byte [06]
    .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 830B7D52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    .text ntkrnlpa.exe!KeRemoveQueueEx + 10D7 830BED8C 4 Bytes [AA, 7D, 53, 91] {STOSB ; JGE 0x56; XCHG ECX, EAX}
    .text ntkrnlpa.exe!KeRemoveQueueEx + 10FF 830BEDB4 8 Bytes CALL E59D4158
    .text ntkrnlpa.exe!KeRemoveQueueEx + 1143 830BEDF8 4 Bytes [D8, A4, 53, 91]
    .text ntkrnlpa.exe!KeRemoveQueueEx + 1153 830BEE08 4 Bytes [80, 60, 5D, 8B] {AND BYTE [EAX+0x5d], 0x8b}
    .text ntkrnlpa.exe!KeRemoveQueueEx + 116F 830BEE24 4 Bytes [BE, 86, 53, 91]
    .text ...
    .text C:\windows\system32\DRIVERS\tos_sps32.sys section is writeable [0x8BB26000, 0x3C849, 0xE8000020]
    .dsrt C:\windows\system32\DRIVERS\tos_sps32.sys unknown last section [0x8BB6B000, 0x3DC, 0x48000040]
    ? C:\Users\Becky\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[936] ntdll.dll!KiUserApcDispatcher 777E6F38 5 Bytes JMP 00414D50 C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (RapportMgmtService/Trusteer Ltd.)
    .text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[936] WS2_32.dll!getaddrinfo 773C4296 5 Bytes JMP 71A50022
    .text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[936] WS2_32.dll!gethostbyname 773D7673 5 Bytes JMP 71AE0022
    ? C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe[1956] C:\windows\SYSTEM32\ntdll.dll time/date stamp mismatch;
    ? C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe[1956] C:\windows\system32\kernel32.dll time/date stamp mismatch; unknown module: KERNELBASE.dll
    .text C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe[1956] USER32.dll!NotifyWinEvent + 6AE 75C4D66C 4 Bytes [E0, 13, 48, 6C] {LOOPNZ 0x15; DEC EAX; INSB }
    .text C:\Program Files\Internet Explorer\iexplore.exe[2640] kernel32.dll!FindResourceW 776054CF 5 Bytes JMP 00361FC0
    .text C:\Program Files\Internet Explorer\iexplore.exe[2640] kernel32.dll!LoadLibraryW 7760EF42 5 Bytes JMP 00360FB8
    .text C:\Program Files\Internet Explorer\iexplore.exe[2640] kernel32.dll!FreeLibrary 7760EF67 5 Bytes JMP 00362FC8
    .text C:\Program Files\Internet Explorer\iexplore.exe[2640] ADVAPI32.dll!RegSetValueExW 75E814D6 5 Bytes JMP 00363FD0
    .text C:\Program Files\Internet Explorer\iexplore.exe[2640] USER32.dll!EnableWindow 75C38D02 5 Bytes JMP 72129A14 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2640] USER32.dll!DestroyWindow 75C3B2F4 5 Bytes JMP 00365FE0
    .text C:\Program Files\Internet Explorer\iexplore.exe[2640] USER32.dll!SetWindowsHookExW 75C3E30C 5 Bytes JMP 72122194 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2640] USER32.dll!DialogBoxParamW 75C53B9B 5 Bytes JMP 7208170B C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2640] USER32.dll!MessageBoxIndirectW 75C8E963 1 Byte [E9]
    .text C:\Program Files\Internet Explorer\iexplore.exe[2640] SHLWAPI.dll!SHRegWriteUSValueW 7715D3C2 5 Bytes JMP 00364FD8
    .text C:\Program Files\Internet Explorer\iexplore.exe[2640] SHELL32.dll!RealDriveType + 173D 762BFDD0 4 Bytes [CF, 01, 1D, 6B]
    .text C:\Program Files\Internet Explorer\iexplore.exe[2640] SHELL32.dll!RealDriveType + 1745 762BFDD8 8 Bytes [E0, 61, 1C, 6B, 79, F7, 1C, ...] {LOOPNZ 0x63; SBB AL, 0x6b; JNS 0xfffffffffffffffd; SBB AL, 0x6b}
    .text C:\Program Files\Internet Explorer\iexplore.exe[4580] kernel32.dll!FindResourceW 776054CF 5 Bytes JMP 02021EF8
    .text C:\Program Files\Internet Explorer\iexplore.exe[4580] kernel32.dll!LoadLibraryW 7760EF42 5 Bytes JMP 02020EF0
    .text C:\Program Files\Internet Explorer\iexplore.exe[4580] kernel32.dll!FreeLibrary 7760EF67 5 Bytes JMP 02022F00
    .text C:\Program Files\Internet Explorer\iexplore.exe[4580] ADVAPI32.dll!RegSetValueExW 75E814D6 5 Bytes JMP 02023F08
    .text C:\Program Files\Internet Explorer\iexplore.exe[4580] USER32.dll!EnableWindow 75C38D02 5 Bytes JMP 72129A14 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4580] USER32.dll!DestroyWindow 75C3B2F4 5 Bytes JMP 02025F18
    .text C:\Program Files\Internet Explorer\iexplore.exe[4580] USER32.dll!DialogBoxParamW 75C53B9B 5 Bytes JMP 7208170B C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[4580] USER32.dll!MessageBoxIndirectW 75C8E963 1 Byte [E9]
    .text C:\Program Files\Internet Explorer\iexplore.exe[4580] SHLWAPI.dll!SHRegWriteUSValueW 7715D3C2 5 Bytes JMP 02024F10
    ? C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe[4740] C:\windows\SYSTEM32\ntdll.dll time/date stamp mismatch;
    ? C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe[4740] C:\windows\system32\kernel32.dll time/date stamp mismatch; unknown module: KERNELBASE.dll
    .text C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe[4740] USER32.dll!NotifyWinEvent + 6AE 75C4D66C 4 Bytes [E0, 13, 48, 6C] {LOOPNZ 0x15; DEC EAX; INSB }
    .text C:\Program Files\Real\RealPlayer\Update\realsched.exe[5620] kernel32.dll!SetUnhandledExceptionFilter 7760F4FB 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
    .text C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[7128] kernel32.dll!SetUnhandledExceptionFilter 7760F4FB 5 Bytes JMP 5BA050B8 C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll (2007 Microsoft Office component/Microsoft Corporation)
    .text C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[7128] ole32.dll!OleLoadFromStream 76E76143 5 Bytes JMP 5C4CEAC8 C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll (2007 Microsoft Office component/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
    AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
    AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

    Device \Driver\ACPI_HAL \Device\0000005a halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

    AttachedDevice \Driver\tdx \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    AttachedDevice \Driver\tdx \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

    ---- EOF - GMER 1.0.15 ----
     

    Attached Files:

  2. cybergrrl

    cybergrrl Thread Starter

    Joined:
    Dec 15, 2003
    Messages:
    63
    bump please
     
  3. cybergrrl

    cybergrrl Thread Starter

    Joined:
    Dec 15, 2003
    Messages:
    63
    bump again... problems still exist
     
  4. Deejay100six

    Deejay100six

    Joined:
    Sep 27, 2011
    Messages:
    501
    Hi and welcome to TSG.

    I am reviewing your logs and will respond with a reply as soon as I can.

    Please note that all my replies are reviewed by a qualified Analyst before I post. This ensures that you will continue to receive quality expert assistance.

    Thank you for your patience.
     
  5. cybergrrl

    cybergrrl Thread Starter

    Joined:
    Dec 15, 2003
    Messages:
    63
    thanks. I realize you'll probably want updated HJT files eventually but one thing I've done since initially emailing was to delete the System Suite program after reading through some other posts in this forum.
     
  6. Deejay100six

    Deejay100six

    Joined:
    Sep 27, 2011
    Messages:
    501
    Hi, my name is Dave and I will be helping you to clean any malware which may be present on your system.

    Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix. You should not have any open browsers or live internet connections when you are following the procedures below.



    • Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your logs are clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean.
    • If there is anything you don't understand, please ask BEFORE proceeding with the fixes.
    • Please ensure that you follow the instructions in the order I have them listed.
    • Please do not install or uninstall any programmes, or run any other scanners or software, unless I specifically ask you to do so. Also please copy and paste logs into your thread. If the logs are too big to post in one reply, please feel free to use more posts. Do NOT add them as attachments unless specifically instructed.
    • If I don't hear from you within 3 days from this initial or any subsequent post, I will have to unsubscribe from this thread, which means I will not recieve notifications of any further replies and will move on to assist someone else.


    ------------------------------------------------------------------------------------------------------

    Download Malwarebytes' Anti-Malware to your desktop.



    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
      • Update Malwarebytes' Anti-Malware
      • Launch Malwarebytes' Anti-Malware
    • Then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform Quick scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected.
    • When completed, a log will open in Notepad. Save it to your desktop.

    Note: Malwarebytes' Anti-Malware may require a reboot to complete removals. After a reboot, if required, post that saved log in your next reply.

    ------------------------------------------------------------------------------------------------------

    Download Security Check by screen317 from here or here.



    • Save it to your Desktop.
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
     
  7. cybergrrl

    cybergrrl Thread Starter

    Joined:
    Dec 15, 2003
    Messages:
    63
    Here are the two requested logs:

    Malwarebytes Anti-Malware 1.60.1.1000
    www.malwarebytes.org

    Database version: v2012.03.02.02

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Becky :: TECHLAPTOP [administrator]

    3/1/2012 11:41:16 PM
    mbam-log-2012-03-01 (23-41-16).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 202342
    Time elapsed: 12 minute(s), 38 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 1
    HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and repaired successfully.

    Folders Detected: 1
    C:\Users\Becky\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] (Adware.GamesVance) -> Quarantined and deleted successfully.

    Files Detected: 2
    C:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> Quarantined and deleted successfully.
    C:\Windows\System32\f3PSSavr.scr (Trojan.Agent) -> Quarantined and deleted successfully.

    (end)
    --------------------------------------------------------------------------------------------
    Results of screen317's Security Check version 0.99.31
    Windows 7 Service Pack 1 x86 (UAC is enabled)
    Internet Explorer 9
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Enabled!
    Kaspersky Anti-Virus 2011
    iolo technologies' System Mechanic Premium
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    I SPY Fun House
    Enigmatis: The Ghosts of Maple Creek Collector's Edition
    Java(TM) 6 Update 14
    Java version out of date!
    Adobe Flash Player 11.1.102.62
    Adobe Reader X (10.1.2)
    Mozilla Firefox (10.0.2)
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Kaspersky Lab Kaspersky Anti-Virus 2011 avp.exe
    iolo Common Lib ioloServiceManager.exe
    ``````````End of Log````````````
     
  8. Deejay100six

    Deejay100six

    Joined:
    Sep 27, 2011
    Messages:
    501
    Hi,

    Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.






    Please follow these steps to remove older version Java components and update.

    Updating Java:



    • Visit this site Java
    • Click the 'Free Java Download' button.
    • The site will advise if you need an updated version
    • Follow the instructions.



    After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)


    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button
    • There are two options in the window to clear the cache - Leave BOTH Checked
      • Applications and Applets
        Trace and Log Files
    • Click OK on Delete Temporary Files Window
      Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
    • Click OK to leave the Temporary Files Window
    • Click OK to leave the Java Control Panel.



    ---------------------------------------------------------------------------

    One last scan to make sure theres nothing lurking.

    Go here to run an online scannner from ESET.


    • Note: You will need to use Internet explorer for this scan
    • Vista or Windows 7 users, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
    • Turn off the real time scanner of any existing antivirus program while performing the online scan
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the activex control to install
    • Click Start
    • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
    • Now click on Advanced Settings and select the following:
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth Technology
    • Click Scan
    • Wait for the scan to finish
    • Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
    • Copy and paste that log in your next reply.
     
  9. cybergrrl

    cybergrrl Thread Starter

    Joined:
    Dec 15, 2003
    Messages:
    63
    when I try to run the online scanner, I get a message saying "An error has occurred in the script on this page..." and asks whether I want to continue running scripts on the page. Whether I click on yes or no, it takes me to the Terms of Use and when I agree and click on START, I get a blank screen with a little square picture icon in the corner.

    I did get JAVA updated and deleted the temp files.
     

    Attached Files:

  10. Deejay100six

    Deejay100six

    Joined:
    Sep 27, 2011
    Messages:
    501
    Hi,

    Internet Explorer is the preferred browser for this scanner but it can also run from Firefox.

    Please download Eset Smart Installer from here.

    Then try the scan again referring to my previous intructions.
     
  11. cybergrrl

    cybergrrl Thread Starter

    Joined:
    Dec 15, 2003
    Messages:
    63
    I finally got the ESET scan by downloading the installer. Here's the log:

    [email protected] as downloader log:
    all ok
    # version=7
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6583
    # api_version=3.0.2
    # EOSSerial=5fa624a9d5dae14d83a6720c76b278da
    # end=finished
    # remove_checked=false
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2012-03-04 04:14:03
    # local_time=2012-03-03 08:14:03 (-0800, Pacific Standard Time)
    # country="United States"
    # lang=1033
    # osver=6.1.7601 NT Service Pack 1
    # compatibility_mode=1024 16777215 100 0 63729657 63729657 0 0
    # compatibility_mode=1280 16777215 100 0 2348588 2348588 0 0
    # compatibility_mode=5893 16776573 100 94 0 82355792 0 0
    # compatibility_mode=8192 67108863 100 0 0 0 0 0
    # scanned=645000
    # found=6
    # cleaned=0
    # scan_time=23443
    C:\Program Files\RealArcade\Installer\bin\OCSetupHlp.dll Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 I
    C:\Program Files\Windows Live\Messenger\msimg32.dll Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I
    C:\Program Files\Windows Live\Messenger\riched20.dll Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Becky\Desktop\Games2Play\tm-Installer_AncientSecretsDoublePack.exe Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Becky\Documents\My DAP Downloads\registrybooster_1.exe a variant of Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Becky\Downloads\tm-Installer_VictorianMysteries_WiW.exe Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 I
     
  12. cybergrrl

    cybergrrl Thread Starter

    Joined:
    Dec 15, 2003
    Messages:
    63
    ...also, now I keep getting a window asking if I want to allow "webtoolbar component" from Kaspersky to open. No matter if I click on "allow" or "don't allow", it returns every few seconds for about 5 or 6 times then starts the series again when click to go to another webpage. I've even disabled all add-ins related to Kaspersky in IE in the manage add-ins window!
     
  13. Deejay100six

    Deejay100six

    Joined:
    Sep 27, 2011
    Messages:
    501
    Hi,

    Please go to Control Panel >> Programs and Features >> Uninstall a Program and remove this program;

    iLivid

    ---------------------------------------------------------------------

    Please follow the instructions here to disable Windows Defender. Its not neccessary and may even cause conflicts with Kaspersky installed.

    ---------------------------------------------------------------------

    Combofix

    We need to run a scan with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

    http://www.bleepingcomputer.com/combofix/how-to-use-combofix

    Please read all the information carefully!

    You MUST disable your AntiVirus and AntiSpyware applications - please read this thread as a guide. They may otherwise interfere with our tools and interrupt the cleansing process.

    Please include the log C:\ComboFix.txt in your next reply for further review.

    Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.
     
  14. cybergrrl

    cybergrrl Thread Starter

    Joined:
    Dec 15, 2003
    Messages:
    63
    Sorry, I didn't see your msg about uninstalling iLivid so I did that after I ran the combofix. Here's the log:

    ComboFix 12-03-04.01 - Becky 03/04/2012 16:32:59.2.2 - x86
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2940.1698 [GMT -8:00]
    Running from: c:\users\Becky\Desktop\ComboFix.exe
    AV: Kaspersky Anti-Virus *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
    SP: Kaspersky Anti-Virus *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-02-05 to 2012-03-05 )))))))))))))))))))))))))))))))
    .
    .
    2012-03-05 00:48 . 2012-03-05 00:48 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-03-03 17:53 . 2012-02-08 06:03 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ED32249D-CCFE-4827-A18B-F41392DA28F6}\mpengine.dll
    2012-03-03 08:13 . 2012-03-03 08:13 -------- d-----w- c:\program files\Common Files\Java
    2012-03-03 08:04 . 2012-03-03 08:04 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
    2012-03-03 08:04 . 2012-03-03 08:04 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2012-02-18 05:36 . 2012-01-04 08:58 442880 ----a-w- c:\windows\system32\ntshrui.dll
    2012-02-18 05:36 . 2011-12-30 05:27 478720 ----a-w- c:\windows\system32\timedate.cpl
    2012-02-18 05:35 . 2011-12-16 07:52 690688 ----a-w- c:\windows\system32\msvcrt.dll
    2012-02-18 05:35 . 2012-01-14 03:35 2343424 ----a-w- c:\windows\system32\win32k.sys
    2012-02-13 13:29 . 2012-02-19 23:08 45016 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
    2012-02-13 13:29 . 2012-02-13 13:29 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
    2012-02-13 13:29 . 2012-02-13 13:29 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
    2012-02-13 13:29 . 2012-02-13 13:29 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
    2012-02-05 21:23 . 2012-02-05 21:23 388096 ----a-r- c:\users\Becky\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-02-05 21:23 . 2012-02-05 21:23 -------- d-----w- c:\program files\Trend Micro
    2012-02-04 18:21 . 2010-10-06 04:27 150200 ----a-w- c:\program files\Mozilla Firefox\extensions\[email protected]_bak\components\kavlinkfilter.dll
    2012-02-04 18:21 . 2012-02-04 18:55 97961 ----a-w- c:\windows\system32\drivers\klick.dat
    2012-02-04 18:21 . 2012-02-04 18:55 115369 ----a-w- c:\windows\system32\drivers\klin.dat
    2012-02-04 18:20 . 2012-02-04 18:20 -------- d-----w- c:\program files\Kaspersky Lab
    2012-02-04 18:20 . 2012-03-05 00:19 -------- d-----w- c:\programdata\Kaspersky Lab
    2012-02-04 18:05 . 2012-02-04 18:05 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-02-18 07:29 . 2011-05-17 02:26 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-01-29 13:10 . 2010-01-10 21:50 237072 ------w- c:\windows\system32\MpSigStub.exe
    2012-01-23 13:44 . 2012-01-23 13:44 74703 ----a-w- c:\windows\system32\mfc45.dll
    2011-12-17 20:57 . 2011-12-17 20:57 1643712 ----a-w- c:\users\Becky\spiritofwandering_1416.exe
    2010-01-26 04:37 . 2010-01-26 04:37 774144 ----a-w- c:\program files\RngInterstitial.dll
    2012-02-19 23:08 . 2011-11-25 07:52 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2010-10-29 5915480]
    "ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2008-11-18 210208]
    "DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2012-01-04 2980016]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 141848]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 174104]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 151064]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-29 7625248]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-21 1545512]
    "TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-08-05 476512]
    "HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2009-03-09 55160]
    "SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-07-28 460088]
    "00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-08-05 738616]
    "TosWaitSrv"="c:\program files\TOSHIBA\TPHM\TosWaitSrv.exe" [2009-08-07 611672]
    "ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736]
    "Teco"="c:\program files\TOSHIBA\TECO\Teco.exe" [2009-08-11 1324384]
    "TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2009-08-11 2446648]
    "SmartFaceVWatcher"="c:\program files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [2009-07-29 163840]
    "TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-09-17 611672]
    "NortonOnlineBackupReminder"="c:\program files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" [2009-07-16 529256]
    "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
    "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376]
    "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-23 150528]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
    "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
    "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
    "TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2011-12-03 296056]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]
    "PDFHook"="c:\program files\Nuance\PDF Professional 6\pdfpro6hook.exe" [2009-11-02 1275168]
    "PDF6 Registry Controller"="c:\program files\Nuance\PDF Professional 6\RegistryController.exe" [2009-11-02 110880]
    "AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" [2010-11-03 365336]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OABVAFMAUgAtAE4ATgBZAEsAVQAtAFIANABEAEYAQwAtAFUATABBADgAUgAtAEUATABFAEcATQAtADQARgBVADQATQA&inst=NwA2AC0ANQAyADkAMAAzADAANgA1ADQALQBYAE8AMwA2ACsAMQAtAE4AMQBEACsAMQAtAFQAQgA5ACsAMgAtAFAATAArADkALQBEAEQAVAArADQAMQAxADEAOQAtAEQARAA5ADAAKwAxAC0AUwBUADkAMABBAFAAUAArADEALQBQADkAMABNADEAMgBDACsAMQAtAFUAOQA1ACsAMQAtAFQAQgArADEALQBGAFUASQArADIALQBQADkAMABUAEIAKwAyAA&prod=54&ver=9.0.894" [?]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jenkat Games Arcade]
    2011-11-16 08:12 4547072 ----a-w- c:\users\Becky\AppData\Roaming\Jenkat\Jenkat Games Arcade\JenkatGA.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTOSHIBA]
    2009-08-06 16:15 264048 ----a-w- c:\program files\TOSHIBA\My Toshiba\MyToshiba.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    2009-10-09 21:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    R2 Agent;Agent;c:\windows\agent.exe [2011-08-24 155648]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-15 135664]
    R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\SPEEDB~2\VideoAcceleratorService.exe [2010-10-05 300656]
    R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
    R3 AQFileRestore;AQFileRestore;c:\windows\system32\DRIVERS\AQFileRestore.sys [x]
    R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 40320]
    R3 GamesAppService;GamesAppService;c:\program files\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-15 135664]
    R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-08-06 171520]
    R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-05 1343400]
    R4 PDFProFiltSrv;PDFProFiltSrv;c:\program files\Nuance\PDF Professional 6\PDFProFiltSrv.exe [2009-11-02 134944]
    S0 RapportKELL;RapportKELL;c:\windows\System32\Drivers\RapportKELL.sys [2011-11-08 56208]
    S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2010-06-10 11352]
    S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2010-04-23 22104]
    S1 RapportCerberus_34302;RapportCerberus_34302;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys [2011-12-16 228208]
    S1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [2011-11-08 71440]
    S1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [2011-11-08 164112]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
    S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2011-09-10 18432]
    S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-08-11 185712]
    S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
    S2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [2011-11-08 931640]
    S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-08-11 185712]
    S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 12920]
    S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-06-17 434864]
    S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2009-07-07 7680]
    S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-03 19984]
    S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-23 24064]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
    S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-04-27 1011232]
    S3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136]
    S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-09-17 111960]
    S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-07 685424]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    HPService REG_MULTI_SZ HPSLPSVC
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}]
    2009-08-06 16:15 264048 ----a-w- c:\program files\TOSHIBA\My Toshiba\MyToshiba.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-03-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-15 18:13]
    .
    2012-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-15 18:13]
    .
    2012-03-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3034990255-2776577491-76898041-1000Core.job
    - c:\users\Becky\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-20 06:38]
    .
    2012-03-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3034990255-2776577491-76898041-1000UA.job
    - c:\users\Becky\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-20 06:38]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.mhcc.edu/
    mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
    uInternet Settings,ProxyOverride = *.local
    IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
    IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
    IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
    Trusted Zone: mhcc.edu\palmer
    TCP: DhcpNameServer = 198.5.254.1 198.5.254.5 192.168.2.1
    Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
    Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
    FF - ProfilePath - c:\users\Becky\AppData\Roaming\Mozilla\Firefox\Profiles\plldunnw.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.mhcc.edu/
    .
    .
    ------- File Associations -------
    .
    JSEFile=NOTEPAD.EXE %1
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-3034990255-2776577491-76898041-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.Email.1"
    .
    [HKEY_USERS\S-1-5-21-3034990255-2776577491-76898041-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2012-03-04 16:50:47
    ComboFix-quarantined-files.txt 2012-03-05 00:50
    .
    Pre-Run: 107,248,488,448 bytes free
    Post-Run: 107,194,376,192 bytes free
    .
    - - End Of File - - DF88028B51241653DE02AB71FAF29C20
     
  15. Deejay100six

    Deejay100six

    Joined:
    Sep 27, 2011
    Messages:
    501
    Hi,

    Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix. You should not have any open browsers or live internet connections when you are following the procedures below.

    1. Close any open browsers.

    2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    3. Open notepad and copy/paste the text in the box below into it:

    Save this as CFScript.txt, in the same location as ComboFix.exe


    [​IMG]


    Refering to the picture above, drag CFScript into ComboFix.exe

    If you receive a prompt saying there is an updated version of ComboFix available, please allow it to update.

    Do not mouseclick combofix's window whilst it's running. This may cause it to stall.

    When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1039976

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice