Over 1 million tech questions and answers.

Tech support popups

Q: Tech support popups

I am having a problem with my granddaughters laptop. The anti-virus had expired when she brought it to me (I'm an IT guy). She was getting popups about cleaning her laptop. It had Optimize pro, My PC Backup, etc. installed (she's 13, not sure if she responded to the popups or not.

I've removed what I thought was junk, installed Microsoft Security Essentials and Malware Bytes, but I can't get either of them to launch and scan the laptop.

Here's the Hijack it log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:49:34 PM, on 3/29/2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.17267)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Users\Raven\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pbrmon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Users\Raven\Downloads\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3...=SP8D23AC2A-573B-4C81-8075-F653FD8976D5&SSPV=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:49183;https=127.0.0.1:49183;
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7b9f8c21-46ec-4c0b-8683-e755ef84577a} - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pSrcAs.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0044150 - {11111111-1111-1111-1111-110411411150} - C:\Program Files (x86)\media enhance\media enhance-bho.dll
O2 - BHO: CrossriderApp0051578 - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\video-high\video-high-bho.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Toolbar BHO - {3a421c8f-e238-4aeb-8874-b8b5f2cc4772} - C:\PROGRA~2\COUPON~2\bar\1.bin\2pbar.dll
O2 - BHO: Search Assistant BHO - {60e91567-ef8a-4520-bce2-83aba5256799} - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pSrcAs.dll
O2 - BHO: ShopAtHome - {66516A07-F617-488A-90CF-4E690CFB3C5F} - C:\Users\Raven\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: ShopAtHome.com Toolbar - {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Users\Raven\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll
O3 - Toolbar: Coupon Alert - {3462c343-be19-4143-af70-cefb56f46fc6} - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pbar.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
O3 - Toolbar: Muvic - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [ShopAtHomeWatcher] C:\Users\Raven\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
O4 - HKLM\..\Run: [Coupon Alert Search Scope Monitor] "C:\PROGRA~2\COUPON~2\bar\1.bin\2psrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [CouponAlert_2p Browser Plugin Loader] C:\PROGRA~2\COUPON~2\bar\1.bin\2pbrmon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BrowserSafeguard] "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe"
O4 - HKCU\..\Run: [Best Buy pc app] C:\Users\Raven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Raven\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E0023BB82BCF581D299E1A702AC3B53B] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\Raven\AppData\Local\Smartbar\Application\Muvic.exe startup
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user')
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Coupon AlertService (CouponAlert_2pService) - COMPANYVERS_NAME - C:\PROGRA~2\COUPON~2\bar\1.bin\2pbarsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Level Quality Watcher - Unknown owner - C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NewPlayer Updater Service (NewPlayerUpdaterService) - Unknown owner - C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Re-markit - Unknown owner - C:\Program Files (x86)\Re-markit-soft\Re-markit157.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14800 bytes

Here's the DDS.TXT file:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7600.17267
Run by Raven at 17:50:58 on 2014-03-29
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2925.1639 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~2\COUPON~2\bar\1.bin\2pbarsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Users\Raven\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pbrmon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
C:\Program Files (x86)\Re-markit-soft\Re-markit157.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Raven\Downloads\HijackThis.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com/?ctid=CT3323897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP8D23AC2A-573B-4C81-8075-F653FD8976D5&SSPV=
uDefault_Page_URL = hxxp://asus.msn.com
uProxyServer = hxxp=127.0.0.1:49183;https=127.0.0.1:49183;
uProxyOverride = <-loopback>
uURLSearchHooks: <No Name>: {7b9f8c21-46ec-4c0b-8683-e755ef84577a} - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pSrcAs.dll
mWinlogon: Userinit = userinit.exe
BHO: media enhance: {11111111-1111-1111-1111-110411411150} - C:\Program Files (x86)\media enhance\media enhance-bho.dll
BHO: video-high: {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\video-high\video-high-bho.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: SmartbarInternetExplorerBHOEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Toolbar BHO: {3a421c8f-e238-4aeb-8874-b8b5f2cc4772} - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pbar.dll
BHO: Search Assistant BHO: {60e91567-ef8a-4520-bce2-83aba5256799} - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pSrcAs.dll
BHO: ShopAtHome.com Cash Back Helper: {66516A07-F617-488A-90CF-4E690CFB3C5F} - C:\Users\Raven\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: ShopAtHome.com Toolbar: {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Users\Raven\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll
TB: Coupon Alert: {3462C343-BE19-4143-AF70-CEFB56F46FC6} - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pbar.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: ShopAtHome.com Toolbar: {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Users\Raven\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll
TB: Coupon Alert: {3462c343-be19-4143-af70-cefb56f46fc6} - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pbar.dll
TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
TB: Muvic: {ae07101b-46d4-4a98-af68-0333ea26e113} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [Best Buy pc app] C:\Users\Raven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms
uRun: [Facebook Update] "C:\Users\Raven\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [GoogleChromeAutoLaunch_E0023BB82BCF581D299E1A702AC3B53B] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Browser Infrastructure Helper] C:\Users\Raven\AppData\Local\Smartbar\Application\Muvic.exe startup
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun: [ShopAtHomeWatcher] C:\Users\Raven\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
mRun: [Coupon Alert Search Scope Monitor] "C:\PROGRA~2\COUPON~2\bar\1.bin\2psrchmn.exe" /m=2 /w /h
mRun: [CouponAlert_2p Browser Plugin Loader] C:\PROGRA~2\COUPON~2\bar\1.bin\2pbrmon.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [BrowserSafeguard] "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe"
mRun: [fst_us_11] <no file>
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
uPolicies-Explorer: HideSCAHealth = dword:1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-System: DisableRegedit = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{2F18E9A2-A9D5-4771-8F1A-2A6ADBB8F5DB} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{2F18E9A2-A9D5-4771-8F1A-2A6ADBB8F5DB}\2456C6B696E6F5E4B2F5141344348303 : DHCPNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{2F18E9A2-A9D5-4771-8F1A-2A6ADBB8F5DB}\2656162736C616770277966696 : DHCPNameServer = 24.217.0.5 24.217.201.67 24.247.15.53
TCP: Interfaces\{9FEF6FAD-ECAB-4203-A806-DB844B53DE23} : DHCPNameServer = 192.168.1.1 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs=
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
IFEO: a.exe - svchost.exe
IFEO: aAvgApi.exe - svchost.exe
IFEO: AAWTray.exe - svchost.exe
IFEO: About.exe - svchost.exe
IFEO: ackwin32.exe - svchost.exe
x64-BHO: media enhance: {11111111-1111-1111-1111-110411411150} - C:\Program Files (x86)\media enhance\media enhance-bho64.dll
x64-BHO: video-high: {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\video-high\video-high-bho64.dll
x64-BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll
x64-BHO: SmartbarInternetExplorerBHOEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll
x64-TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} -
x64-TB: Muvic: {ae07101b-46d4-4a98-af68-0333ea26e113} -
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [ETDWare] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-IFEO: a.exe - svchost.exe
x64-IFEO: aAvgApi.exe - svchost.exe
x64-IFEO: AAWTray.exe - svchost.exe
x64-IFEO: About.exe - svchost.exe
x64-IFEO: ackwin32.exe - svchost.exe
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Raven\AppData\Roaming\Mozilla\Firefox\Profiles\0alct0h1.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\NP2pStub.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Raven\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
FF - ExtSQL: 2014-03-12 16:32; {88849db3-dcd8-4efe-bcbb-af92b5c8ec55}; C:\Program Files (x86)\Re-markit-soft\157.xpi
FF - ExtSQL: !HIDDEN! 2013-02-17 17:22; [email protected]_2p.com; C:\Program Files (x86)\CouponAlert_2p\bar\1.bin
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.buenosearch.tlbrSrchUrl - hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=TB_ss&mntrId=327520CF3072FD15&affID=127101&tsp=5185
FF - user.js: extensions.buenosearch.tb_url - hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=TB_ss&mntrId=327520CF3072FD15&affID=127101&tsp=5185
FF - user.js: extensions.buenosearch.id - 32751cb200000000000020cf3072fd15
FF - user.js: extensions.buenosearch.appId - {37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}
FF - user.js: extensions.buenosearch.instlDay - 16142
FF - user.js: extensions.buenosearch.vrsn - 1.8.28.7
FF - user.js: extensions.buenosearch.vrsni - 1.8.28.7
FF - user.js: extensions.buenosearch.vrsnTs - 1.8.28.719:57:54
FF - user.js: extensions.buenosearch.prtnrId - buenosearch
FF - user.js: extensions.buenosearch.prdct - buenosearch
FF - user.js: extensions.buenosearch.aflt - babsst
FF - user.js: extensions.buenosearch.smplGrp - none
FF - user.js: extensions.buenosearch.tlbrId - base
FF - user.js: extensions.buenosearch.instlRef - sst
FF - user.js: extensions.buenosearch.dfltLng - en
FF - user.js: extensions.buenosearch.excTlbr - false
FF - user.js: extensions.buenosearch.ffxUnstlRst - true
FF - user.js: extensions.buenosearch.admin - false
FF - user.js: extensions.buenosearch.autoRvrt - false
FF - user.js: extensions.buenosearch.rvrt - false
FF - user.js: extensions.buenosearch.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R0 lullaby;lullaby;C:\Windows\System32\drivers\lullaby.sys [2010-10-11 15928]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2010-10-11 379520]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE [2013-12-16 193696]
R2 CouponAlert_2pService;Coupon AlertService;C:\PROGRA~2\COUPON~2\bar\1.bin\2pbarsvc.exe [2013-2-17 42504]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 Level Quality Watcher;Level Quality Watcher;C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe run options=01110010010000000000000000000000 sourceguid=BBA5481A-926B-4561-BD79-249F618495E6 --> C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe run options=01110010010000000000000000000000 sourceguid=BBA5481A-926B-4561-BD79-249F618495E6 [?]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 134944]
R2 Re-markit;Re-markit;C:\Program Files (x86)\Re-markit-soft\Re-markit157.exe [2014-3-12 194048]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-11 2314240]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-6-10 130048]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-10-11 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-26 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-2-2 271872]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-8-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\System32\drivers\JME.sys [2010-2-24 115312]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 NewPlayerUpdaterService;NewPlayer Updater Service;C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe [2014-3-10 11776]
S3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2011-7-15 258224]
S3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2011-7-15 550208]
S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE [2013-12-16 247968]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-4-27 57856]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-26 1255736]
.
=============== Created Last 30 ================
.
2014-03-29 22:31:19 -------- d-----w- C:\Program Files\SavingsBull
2014-03-29 22:28:19 -------- d-----w- C:\Program Files (x86)\predm
2014-03-29 22:10:24 88280 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-03-29 22:10:19 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-03-29 22:10:19 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-03-29 22:10:18 -------- d-----w- C:\ProgramData\Malwarebytes
2014-03-29 22:10:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-29 22:09:53 1031560 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{46F7F43D-40D4-46CF-B100-14ED32DED85F}\gapaengine.dll
2014-03-29 22:09:46 10521840 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2196814E-332D-4021-BA12-2FA543C8E4DF}\mpengine.dll
2014-03-29 21:59:44 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2014-03-29 21:59:41 -------- d-----w- C:\Program Files\Microsoft Security Client
2014-03-29 21:58:53 84377 ----a-w- C:\ProgramData\1396130248.bdinstall.bin
2014-03-29 21:47:41 -------- d-----w- C:\Users\Raven\AppData\Local\Macromedia
2014-03-13 00:57:49 -------- d-----w- C:\Users\Raven\AppData\Roaming\BabSolution
2014-03-13 00:57:31 -------- d-----w- C:\ProgramData\Babylon
2014-03-12 22:14:15 -------- d-----w- C:\Program Files (x86)\Uninstaller
2014-03-12 21:39:15 -------- d-----w- C:\Users\Raven\AppData\Local\Tuguu_SL
2014-03-12 21:37:50 -------- d-----w- C:\Users\Raven\AppData\Local\newplayer
2014-03-12 21:36:47 955488 ----a-w- C:\Users\Raven\AppData\Local\nsf477E.tmp
2014-03-12 21:36:40 -------- d-----w- C:\Program Files (x86)\NewPlayer
2014-03-12 21:36:28 -------- d-----w- C:\Program Files (x86)\media enhance
2014-03-12 21:35:00 -------- d-----w- C:\Program Files (x86)\video-high
2014-03-12 21:33:39 -------- d-----w- C:\Users\Raven\AppData\Local\LPT
2014-03-12 21:33:27 -------- d-----w- C:\Users\Raven\AppData\Local\Smartbar
2014-03-12 21:32:43 -------- d-----w- C:\Program Files (x86)\Re-markit-soft
2014-03-03 01:30:25 -------- d-----w- C:\Program Files\McAfee.com
2014-03-03 01:30:25 -------- d-----w- C:\Program Files\McAfee
2014-03-03 01:16:55 -------- d-----w- C:\Program Files\stinger
2014-03-03 01:14:44 -------- d-----w- C:\Program Files\Common Files\McAfee
.
==================== Find3M ====================
.
2014-03-13 01:25:23 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-13 01:25:23 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-01-19 07:33:29 270496 ------w- C:\Windows\System32\MpSigStub.exe
2009-04-08 17:31:56 106496 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45:20 155648 ----a-w- C:\Program Files (x86)\Common Files\MSIactionall.dll
.
============= FINISH: 17:52:11.18 ===============

Here's the ark.txt file:

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-03-29 18:11:18
Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST932032 rev.0003 298.09GB
Running: bzsgrmlk.exe; Driver: C:\Users\Raven\AppData\Local\Temp\pglyqpob.sys
---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe[2128] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077d61465 2 bytes [D6, 77]
.text C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe[2128] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077d614bb 2 bytes [D6, 77]
.text ... * 2
.text C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe[3248] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077d61465 2 bytes [D6, 77]
.text C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe[3248] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077d614bb 2 bytes [D6, 77]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5484] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077d61465 2 bytes [D6, 77]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5484] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077d614bb 2 bytes [D6, 77]
.text ... * 2
.text C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe[5320] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077d61465 2 bytes [D6, 77]
.text C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe[5320] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077d614bb 2 bytes [D6, 77]
.text ... * 2

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\svchost.exe [652:4984] 000007fef2130ea8
Thread C:\Windows\system32\svchost.exe [652:5056] 000007fef2129db0
Thread C:\Windows\system32\svchost.exe [652:2748] 000007fef212aa10
Thread C:\Windows\system32\svchost.exe [652:2916] 000007fef2131c94
Thread C:\Windows\system32\svchost.exe [652:4512] 000007fef785d3c8
Thread C:\Windows\system32\svchost.exe [652:4932] 000007fef785d3c8
Thread C:\Windows\system32\svchost.exe [652:4504] 000007fef785d3c8
Thread C:\Windows\system32\svchost.exe [652:4508] 000007fef785d3c8
Thread C:\Windows\System32\spoolsv.exe [1516:1952] 000007fef8bb10c8
Thread C:\Windows\System32\spoolsv.exe [1516:1996] 000007fef8b76144
Thread C:\Windows\System32\spoolsv.exe [1516:2008] 000007fef8905fd0
Thread C:\Windows\System32\spoolsv.exe [1516:2012] 000007fef9653438
Thread C:\Windows\System32\spoolsv.exe [1516:2016] 000007fef89063ec
Thread C:\Windows\System32\spoolsv.exe [1516:2040] 000007fef8f15e5c
Thread C:\Windows\System32\spoolsv.exe [1516:1316] 000007fef8df484c
Thread C:\Windows\system32\svchost.exe [2316:3744] 000007fef7458470
Thread C:\Windows\system32\svchost.exe [2316:3760] 000007fef7462418
Thread C:\Windows\system32\svchost.exe [2316:1776] 000007fef5975b84
Thread C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [3496:4116] 000000006a96f71d
Thread C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [3496:4192] 000000006a96f71d
Thread C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [3496:4196] 000000006a965b1a
Thread C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [4240:4476] 0000000066dc4c7c
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4428:1880] 000007fefc102a88
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4428:1472] 000007fefb645124
---- Processes - GMER 2.1 ----

Library c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2196814E-332D-4021-BA12-2FA543C8E4DF}\offreg.dll (*** suspicious ***) @ c:\Program Files\Microsoft Security Client\MsMpEng.exe [836](2014-03-29 22:51:43) 000007fef3c60000

---- EOF - GMER 2.1 ----

Attach.txt to follow

Any help would be appreciated.

Dan

RELEVANCY SCORE 200
Preferred Solution: Tech support popups

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Tech support popups

Read other 11 answers
RELEVANCY SCORE 73.6

I do not understand Malwarebytes say I am clean and Hitman Pro and superantispyware.
I am still getting these Ad by Atomic Saving in my web pages + a whole page opens up and offers me yaggi support.
Help.

A:Ad by Atomic Savings + Tech Support Popups

Hello bhz -
Generally these programs will not show an "infection" as it is technically not an infection. It is a program that you installed with a game or another program.
(always read the fine print when you download anything)
 
This is a type of Adware that has becoming more popular over the last couple of years, but it can still be removed.
 
If you have problems or need help with these directions, please tell us
 
Please download RKill by Grinler to your desktop
Double click on RKill to run the tool
A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully.
Please Copy and Paste the small log back here
 
Important: Do not reboot your computer until you complete the next step.
 
Now:  Download AdwCleaner by Xplode and save to your Desktop.
• Double click on AdwCleaner.exe to run the tool.
• Vista/Windows 7/8 users right-click and select Run As Administrator
• Click on the Scan button. (only once)
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• When it's done you'll see: Pending: Uncheck any elements you don't want removed.
• Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
• Look over the log especially under Files/Folders for any program you want to save.
• If there's a program you want to save, just uncheck it from AdwCleaner.
• If you're not sur... Read more

Read other 2 answers
RELEVANCY SCORE 60.4

I keep receiving calls from fake MICROSOFT Tech support with various telephone numbers. Strange, they do not show up in my phone on line logs. They wanted me to go to FASTSUPPORT\763721586 ( do not use  these numbers). It is a company  called FASTSUPPORT.com. they also give you a complaint department where you can enter the number that you feel is causing you problems, the number of the LOGMEINRESCUE type remote access code. of course it is clear to them that you are suspicious and they will get rid of the  phone operator who didn't succeed. So do not bother to leave any complaint.

A:FAKE MICROSOFT TECH SUPPORT IS COMPANY CALLED FAST SUPPORT

Appears you are dealing with a well known scam.Microsoft does not make unsolicited phone calls, display pop-up alerts in your browser to call a support number or send unsolicited email messages to request personal or financial information or to fix your computer.Avoid scams that use the Microsoft name fraudulentlyIs that call from Microsoft a scam?Tell Your Relatives: No, Microsoft Won’t Call You About Your ComputerMicrosoft calling? Mind the tech support scammer!Tech Support Scamming through unsolicited phone calls, browser pop-ups and emails from "so-called Support Techs" advising "your computer is infected with malware", “All Your Files Are Encrypted" and other fake "alert messages" has become an increasing common scam tactic over the past several years. The scams may involve web pages with screenshots of fake Microsoft (Windows) Support messages, fake reports of suspicious activity, fake warnings of malware found on your computer, fake ransomware and fake BSODs all of which include a tech support phone number to call in order to fix the problem. If you call the phone number (or they called you), scammers will talk their victims into allowing them remote control access of the computer so they can install a Remote Access Trojan in order to steal passwords and other sensitive personal information which could then be used to access bank accounts or steal a person's identity.These are a few examples.Call Windows Help Desk Immediately Tech Support Scam Fake Your com... Read more

Read other 12 answers
RELEVANCY SCORE 59.6

When I installed Win8 on one computer I need a H.P. printer driver. So I went to H.P. support/download did not find the needed driver so I called their Tech. support. A friendly support guy looked at my system and told me my copy of Microsoft Win8 bought at Best Buy was not a legit copy, also my system had been infected and they needed to remove my Win8 clean my system and reinstall Win8. made me a deal of a reduced price of $250US I knew this was not right so I begged them good buy went to Best Buy where I have good friends in the Geek Squad. they got the needed driver and printer works fine.
Today my Netgear routher died, called Netgear to get my lifetime warranty. This also was a support in India guy said it would cost $39US to make sure it was the router I said thanks but no thanks. Took my old Netgear router back to Best Bye where I bought it three years ago and they gave me a new Netgear router. I needed setup help so called Netger as new user also in India guy was friendly looked at my system and helped me get it setup. Then he informed me my computer was under attack and my files were being read he could fix my system and protect my files for the small sum of just $85US. Well I was using a small backup H.P. computer on the Net. hardwired and it was almost never used. So I knew it was a India Tech. support scam again.
I think these guys in India do support for many Mfg.s and software makers, and it's an easy way to gleen a lot of fast cash from people who trust the br... Read more

A:Tech. Support Scam from India support bases.

Are you sure you were using legitimate HP/Netgear phone numbers? Where did you get the numbers from?

Are you sure it wasn't just a variation of the scams the FTC are starting to crack down on?
How Windows tech support scammers walked right into a trap set by the feds | Ars Technica

Read other 12 answers
RELEVANCY SCORE 58.4

I have a Thinkpad T450s and it is just over a year old. It still has 3 more years of warranty. Recently the lenovo solution center gave an critical error for the HDD (Read test failure) and I submitted an online request reporting it. Without even sending me an email or contacting me, they sent me a new part and gave me zero information about it. Apparently every other person can replace a HDD now! I have created 3 more cases calling their tech support to send the laptop for a depo repair. Everytime the request is rejected 'at the vendor' according to the customer care. Neither the customer care people or tech support can tell me why. Every time they create a new case, tell me I will receive a depo bag nect day, and I dont receive anything, have to call depo customer care and on hold for minimum 40 minutes, only to hear that the case has been rejected they dont know why.One tech support told me now I have to send the new part back before creating a new case, otherwise it will be rejected again. but he does not know how I can send the new part back. The return label sent to me was for the faulty HDD.Can anyone help? What is the point of paying for warranty if I receive this type of service? 

A:HORRIBLE tech support and warranty support

You do not state which type of warranty you currently have, there are a few which will affect how TS will or can respond. I hope you get this resolved to your satisfaction...





T61, 6465, Vista

Read other 1 answers
RELEVANCY SCORE 56.4

hello to everyone!!

im working as a tech support agent for one of the biggest ISP in the US.. its a good paying job and also very challenging.. i use to troubleshoot internet connection issues for residential accounts (1 pc only) and for all other issues that i get, i browse for similar issues on the forums of this site.. well, most of them came pretty handy (esp for the security forums).. now, i got transferred to the networking department and im in a total loss!! i can do simple troubleshooting and install assists for new networking users but i really need help in issues like:
1. remote access/ port forwarding
2. invalid IP addresses on the wireless devices
3. file and printer sharing
i was browsing through all the topics but i cant find any.. if there is someone out there who can help me with this issue and give me some pointers on how i am going to do this in an easier way.. i would really appreciate any assistance..

thanks in advance!!
foxxy
 

A:tech support in need of extra support

Read other 6 answers
RELEVANCY SCORE 54.4

Microsoft Windows Technical Support Phone Number 1-800-723-4210
Microsoft Windows 10 Technical Support phone Number 1-800-723-4210 Microsoft Windows 10 Technical Support phone Number 1-800-723-4210 Microsoft Windows 10 Technical Support phone Number 1-800-723-4210 Microsoft Windows 10 Technical Support phone Number 1-800-723-4210 Microsoft Windows 10 Technical Support phone Number 1-800-723-421Microsoft Windows 10 Technical Support phone Number 1-800-723-4210Microsoft Windows 10 Technical Support phone Number 1-800-723-4210Dial now 1-800-723-4210. We are certified technician from microsoft you can call us for any query related to microsoft product. 1-800-723-4210We are here to help you Call us for outlook and Hotmail support Microsoft Outlook 365 Customer Service Phone Number 1 800 723 4210 United States Super Support 1800.723.4210 Microsoft Outlook 365 Customer Service Phone Number 1 800-723-4210 United States Microsoft tech support phone number Microsoft office tech support phone number1-800-723-4210 windows tech support phone number Microsoft tech support phone number usa Microsoft windows tech support phone number Microsoft Windows 10 Technical Support phone Number 1-800-723-4210 Microsoft Windows 10 Technical Support phone Number 1-800-723-4210 Microsoft Windows 10 Technical Support phone Number 1-800-723-4210 Microsoft Windows 10 Technical Support phone Number 1-800-723-4210Microsoft Windows 10 Technical Support phone Number 1-800-723-421Microsoft Windows 10 Technical... Read more

Read other answers
RELEVANCY SCORE 54

Hi
Here is the problem I can't even get to this forum on my main computer to get help. I was gone out of town on a fishing trip and let some people stay at my house now my main computer is screwed up. web pages keep redirecting and any web page that i try to go to like this one just comes up web page not found or it redirects you. one of the idiots that stayed removed avg and installed avira which i know is good but it wont pick up anything wrong i would like some help but like i said i can't get to this forum to get help any ideas????

skid

A:can't even get to tech support

Please follow the instructs from this webpage (sticky):

http://www.techsupportforum.com/secu...oval-help.html

You shall have a proper set of logs for us after that. Someone shall be along shortly

* Kindly note that threads without the proper logs shall likely be ignored.

Read other 4 answers
RELEVANCY SCORE 54

For greyknight17:

The greyknight quests in troubled lands
Where truth is hid in shifting sands;
Elusive demons there do dwell
Of deadly might and visage fell,
Wresting power from local lords
With blue screen shields and pop up swords,
They lay waste to all they see,
Leaving nothing as it used to be;
But with bright sword and favored lance,
Our champion makes the devils dance
To a tune they hear and can’t resist,
Something like: “Stop and desist”,
And in the end, their fate is writ
With mighty scans and combo script
And so with bow and courtly praise
A toast to you, greyknight, I raise:
“Thank you sir for work well done,
Evil slain and battle won;
The blue screen of death is banished here,
And we’re computing now without fear.”



I didn't get to drag a notepad file on top of Combofix like so many others.

Read other answers
RELEVANCY SCORE 54

I bought a new PSU, that came in the mail today. Once I started up the computer I discovered that my USB ports don't work. Last Friday when my video card died, my 4 year old broke the two front USB ports. The computer's manufacturer surmises this shorted out the back ports and now wants to replace the motherboard and case. Both are under warranty, thank goodness.

So now my conundrum, I didn't buy the new PSU from the manufacturer, but it is the same brand as my old one. Do I just send the box back with the new one (which lets them organize the cables ten times better than I can) or do I put the old one back in? Or do I send both? There is nothing wrong with the old PSU, it's just not powerful enough for my new graphics card, which is NOT leaving my possession!

I'm sure I'm over thinking this, I just don't want to be screwed over.

Thank you for any help or advice.
 

A:Does Tech Support Need both Old and New PSU?

Read other 9 answers
RELEVANCY SCORE 54

My computer has become very slow in loading programs such as Firefox. Once it is loaded it doesn't work smoothly as before. Not Responding message appears and everything stops working for a while. Scrolling also doesn't always work. Sometimes the arrow changes to the hourglass and stops working. After a while it changes back to the arrow again and so it continues.

Quite regularly I get the "script not working" message window in the middle of the screen with "continue" or "cancel" options. Sometimes it is the Shockwave plugin and at other times it is Google or other script. And often the end program command doesn't work. For the last few days, script error message for Internet Explorer comes on at powering up.

I have been thinking of reloading Windows but with no more Microsoft support for XP I don't know how I am going to get the updates.

I know the laptop is very old(2001) but I really use it mainly to check emails. Any help in resolving the above issues would be highly appreciated.

Thank you.

Sincerely,
shafiahmed

A:TECH SUPPORT

First off, All updates are available for Windows XP and will continue to be available till the end of time. There will just not be any NEW updates for XP. I just installed XP on an old computer 2 days ago and ran all of 142 Windows Updates.
As for your current installation, try running a Clean Boot. If this works then add one startup item at a time, restarting each time till the computer becomes unresponsive, then you know what the problematic program is.
Also, go to Start/Run and type chkdsk C: /R and press enter, in the command prompt type a Y for Yes and reboot the computer. Check Disk will go thorough 5 stages and takes some time. It will check your HDD for integirty.

Read other 11 answers
RELEVANCY SCORE 54

i trust you all will know what to do with this. i'm short of new to this so directions would greatly help.

Logfile of HijackThis v1.97.7
Scan saved at 9:50:57 AM, on 6/13/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CasinoOnline\CsRemnd.exe
C:\WINDOWS\system32\winproc32.exe
C:\WINDOWS\system32\kx509_kfwk5.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Reference\Bookshelf 98\qshelf98.exe
C:\WINDOWS\system32\krbcc32s.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Documents and Settings\Slik\My Documents\HijackThis.exe
C:\WINDOWS\System32\taskmgr.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKCU\Software... Read more

A:Tech Support - HELP!

Read other 15 answers
RELEVANCY SCORE 54

To: Tech Support Guy Staff & All Other Dignitaries

I just wanna say that I LOVE Tech Support Guy. My first encounter was a few months ago, when I woke up one morning and found that my homepage had been hijacked by Searchv. I couldn't get rid of it. So I googled until I got to Tech Support Guy, and found that somebody else had the same problem. I followed the instructions and was rid of searchv. Via HijackThis. Jeez, I like that name.....HijackThis. And then came Ad-aware, and Spybot, and a whole new world was opened up to me. To top it off, it's all free. Not quite. I'm sending you guys a donation. You earned it.

pjblevin
 

A:Tech Support Guy

Read other 6 answers
RELEVANCY SCORE 54

I have been getting screens, such as the one attached on several occasions. When I call tech support we have to go through all the tests and nothing shows. The tech has me do a few things and he even takes control of the computer and does some things. Of course, immediately thereafter everything seems to be working fine but eventually I get this screen.  This morning, 08/10/17 the computer gave me the screen I have attached, I sent the technician the picture of the screen and he sends me this response
"Thank you for contacting Dell Technical Support. We appreciate the opportunity to work with you to help ensure you continue to enjoy the use of your Dell system. ?? Please contact Dell Technical Support any time at 1800-624-9896 for quick resolution Service Request Number 951652777
 
Please contact Dell Technical Support any time at 1800-624-9896
please have your service tag or express service code ready. You could also resolve your issues by logging onto our support site www.support.dell.com for basic troubleshooting assistance and information related to order status, driver downloads and queries regarding your Dell system. Please allow our representative to contact you within 48 to 72 hours. Your satisfaction is very important to us. Thank you for choosing Dell."
I think my hard drive or worse, my computer is failing.  I have warranty until 01/19.  What can I do? If I keep calling nothing seems to get fixed.

Read other answers
RELEVANCY SCORE 54

I have some type of virus on my computer. I keep getting pop up and unwanted icons on my desk top. I try to clear them out but everytime I go back on the internet they come back. Please give me some advise.
 

Read other answers
RELEVANCY SCORE 54

Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: AMD Athlon(tm) XP 2600+, x86 Family 6 Model 8 Stepping 1
Processor Count: 1
RAM: 767 Mb
Graphics Card: NVIDIA GeForce FX 5500, 256 Mb
Hard Drives: C: Total - 109915 MB, Free - 42983 MB; D: Total - 4538 MB, Free - 690 MB;
Motherboard: ASUSTeK Computer INC., A7N8X-LA, Rev 1.xx, X312345678
Antivirus: McAfee Anti-Virus and Anti-Spyware, Updated: Yes, On-Demand Scanner: Enabled
 

A:Tech Support

thank you. I understand!
 

Read other 3 answers
RELEVANCY SCORE 54

How many pins are there on a standard SCSI-2 connector?

------------------
TeChYgIrLl
 

A:PC Tech Support Help

50
 

Read other 2 answers
RELEVANCY SCORE 54

What do I use to remove mall where from my Windows 8 PC. ?
 

A:Tech Support

would you read the following
http://forums.techguy.org/virus-other-malware-removal/943214-everyone-must-read-before-posting.html
and post the logs required

I will then move to the virus / malware forum for assistance from a virus/malware expert
Note it can take up to 48 hours to get a reply as they are very busy in that forum and only authorised members are allowed to reply
 

Read other 1 answers
RELEVANCY SCORE 54

my mcafee says i have 2PWS-LegMir(trojans)that cannot be removed why is that.and how do i remove them?

A:tech support

Have you tried to remove them manually?

Read other 2 answers
RELEVANCY SCORE 54

I have a LG X120 notebook with windows XP, will it be able to be viewed threw an HAIER LCD Television.
 

A:Tech support

Hi Debbie, and welcome to TSG.

If this is your computer (http://www.lg.com/hk_en/notebooks/lg-X120-L), it has a VGA video output connector.

Your TV would need to have a VGA, DVI-A, or DVI-I video input jack. The TV would also need to support at least one of the video resolutions and refresh rates that the computer can feed to the VGA connector.
 

Read other 1 answers
RELEVANCY SCORE 54

I know I know… Wrong posting BUT!

This is a scream! If you are in tech support I bet you had a day like this. Or you’re having one right now! I know that I did some years back.

A Day In The Life Of A Tech Support Guy Click Sales Guy vs. Web Dude
I know a Mod is going to move this but before you do, watch it then move it!
 

A:Tech Support Guy!!

Read other 7 answers
RELEVANCY SCORE 54

I was giving my deceased grandfather's computer and it's has a password on it how do I get past it ?
 

A:Tech support !

Unfortunately we will not assist with that issue
One of the site rules is
Please do not ask for assistance with (or ways to bypass) a forgotten or unknown password, personal identification number (PIN) or any other type of access code that may be required on a computer, mobile device or web site. As there is no way to verify the actual situation or intent, no assistance will be provided and any such threads will be closed.Click to expand...

Please do understand that we are not doubting what YOU say, simply that we have no way of verifying that your explanation is the truth.
If for instance your computer was stolen or accessed without your permission and we enabled the person responsible to gain access to your computer, you would not be very pleased.

Sorry we cannot help
Our only suggestion is a clean install of Windows using the product key on the case of the computer if there is one.
 

Read other 1 answers
RELEVANCY SCORE 54

So, like most people should, I use an ad blocker. Also, like most people should, sites that you enjoy or visit a lot, you should contribute to them. This can be easily done by turning off your ad blocker for that one particular site. I did that for Tech Support Guy and the ads were still blocked.

I'm using Firefox and I started disabling some of the privacy features that I use. I disabled Tracking Protection and the ads appeared. Great.. or so I thought. There isn't anyway to disable tracking protection on a particular site. Technically, you can, but it's session based. After I close FF and start it back up, it doesn't keep my individual preference for TSG.

I wasn't sure if FF by default enabled Tracking Protection or not. I mean, if it is enabled by default, then EVERY guest user that visits TSG on FF is not seeing ads, meaning TSG is missing out on a lot of profits.

So on another computer, I completely removed FF and downloaded a fresh, uncustomized copy. Tracking Protection is enabled by default, but oddly, I now saw ads on TSG. Back to the drawing board.

I started customizing this fresh install of FF and after enabling Never Remember History, I no longer had ads. So it appears that this isn't one feature of FF blocking ads on TSG, but 2. If I disable one of the features (doesn't matter which), ads appear. It's only when BOTH features are enabled that ads disappear.

So my question is how can I allow only ads on TSG without havin... Read more

A:Ads on Tech Support Guy

Read other 16 answers
RELEVANCY SCORE 54

I wanted to make this my special post, as its my 1000, and encourage all members to use their System Restore more, I keep a system restore icon on
my desktop and make a restore point everyday, I know the computer is suppose to do it, but it makes me feel better, evertime I make drastic changes or questionable downloads I make a restore point, I simply type call it rp it only takes less than 10 seconds, if everyone did this we really could cut down on our
Tech Support. Have a good day.
http://www.microsoft.com/windowsxp/using/helpandsupport/getstarted/ballew_03may19.mspx
 

A:How to cut down on Tech Support

Read other 10 answers
RELEVANCY SCORE 54

I use Firefox and Safari and when I'm on Myspace,some pages wont load all the way,right after,I get a error message and I opens another page and says Download Adobe9. I tried to download it but I can't find the download or install it
 

A:Tech Support,please!

two steps
for windows ask about mac or linux

1. make sure you have the newest version of firefox and or Safari

2. http://www.adobe.com/products/acrobat/readstep2.html and download

3 make sure to check the right plugin checkboxes when in stalling
 

Read other 3 answers
RELEVANCY SCORE 54

Hello everyone. I applied for a tech support job with my local ISP. I have no schooling, just computer knowledge as a hobby for 10 years. I troubleshoot all my friends and family's computers pretty well. What kind of short term schooling could help me land a tech support job? I feel I have the knowledge but could use a basic course to put on my resume. Any other advice on computer jobs that are a good start to a new career? Thank you.
 

A:ISP Tech Support Job

Read other 6 answers
RELEVANCY SCORE 53.2

If you are looking for such kind of services from which you can communicate in anywhere in the world as well send some documents also. Yes, Brighthouse is the best option which comprised of many features and functions for the users. You might confront some issue related to it, but you should not worry at all as there is an option in the form of Brighthouse Email Customer Support Number where technicians will assist you in resolving the issue

Know More:
https://www.technicalsupporttollfree.com/brighthouse-customer-support/
 

Read other answers
RELEVANCY SCORE 53.2

Hello
I have already followed the instruction from the forum(1st thread) and i would like from one of your specialists to take a look at my hijack log which follows.I see suspicious processess that take much memory and slow down my system especially when starting from task management.I would try to erase some item but as I understood you should advice me first.

Here is the log,

Logfile of HijackThis v1.98.2
Scan saved at 00:34:36, on 06/12/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\System32\1XConfig.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\RegSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WIN... Read more

A:Log Analysis by Tech Support please

Mike, welcome.

Please print this out and follow ALL these directions carefully.

Make sure 'show all files' is enabled:
http://service1.symantec.com/SUPPORT...&osv=&osv_lvl=

Boot into Safe Mode by tapping F8 key repeatedly at bootup.
More detailed instructions here:
http://service1.symantec.com/SUPPORT...01052409420406

Go to Add/Remove Programs and un-install Windows TaskAd if present

Use Windows Explorer to find and delete if still present:
OC:\WINDOWS\System32\98r5baq.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\System32\1XConfig.exe <== files

C:\Program Files\Windows TaskAd
C:\Program Files\SEARCH~1 <== Folders

Start HijackThis and tick the boxes next to all these, then close all browser and explorer windows, and tell HijackThis to "Fix checked" if still present.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/...fo/bt_side.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/...arch.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://uk.red.clientapps.yahoo.com/...arch.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/...fo/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/...arch.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Searc... Read more

Read other 1 answers
RELEVANCY SCORE 53.2

We have a machine that was in need of repair. After doing the remote diagnosis Dell sent a tech out.
They tech verified we needed a new part, and instead of calling it in for us, he had us do it.
Dell Tech Support has been giving us the runaround now for 2 days. The tech on site verified all of the parts needed and what the problem is. TS wanted to re-diagnose, and will not send the part without us jumping through hoops. They ask for something and say "no worries, we will be sending the part", then an hour later get an email saying they need another piece of info.
The tech who went on site should have had the part delivered to us. We should not have to spend countless days arguing with TS to get a part that is under warranty, and clearly in need of repair, replaced.
We need resolution on this ASAP. The tech support rep has wasted enough of our time.
Case #: 944712306
Thank you.

Read other answers
RELEVANCY SCORE 53.2

please help

fresh install win xp

everything fine till i get to mb drivers

infdrv.dll
agpdrvnt.dll
viastor.dll

failed to load

please tell me what these are as i can find no information on them and/or any reason i should have this problem
 

A:windows tech support says its not them

Read other 6 answers
RELEVANCY SCORE 53.2

Hey everyone, and thanks in advanced for your help. I'm having some issues with this very website (Tech Support Guy). Whenever I access it, I am normally supposed to be logged in. I am, and I will attempt to access a forum, post, etc. Then the website logs me out and reverts back to the original color theme.

Once I've logged back in, I will access a post or what have you, only to have been logged out -again-! Then I will log back in, and my browser will redirect me to the forum so I may post something myself. Then once I post something I have to log back in -again-! (and this happens whenever I click a new thread or whatever...it will probably happen once I am finished typing this post).

Anyway, if there is any advice on how to fix this that somebody could offer it would be greatly appreciated since I love this site and enjoy helping the community. It's just a hassle to have to keep logging in every 10 seconds.

Thanks again,
TheShooter93
 

A:Tech Support Guy Issues

You are not the only one with the problem. Check the following.

http://forums.techguy.org/site-comments-suggestions/888358-now-its-logging-me-out.html
 

Read other 3 answers
RELEVANCY SCORE 53.2

so recently I was sent here from a trusted advisor regarding my virus issue, here was the details to that
https://forums.techguy.org/threads/...r-questions-on-security.1206672/#post-9482957

also i had a question regarding my photos as my computer had a photo of my drivers licence should I be concerned about that?
 

Read other answers
RELEVANCY SCORE 53.2

I have been trying to find out why my Win 7 mavhine decides to crash and then continues to do so . I really do not want to relist the same thread again, but this is getting frustrating

A:Are there any tech support people here?

My friend, you are going to have to give us a bit more information than just "My PC Crashes"

What occurs Just before the crash, During the crash, and when did it start to happen?

New software? Hardware? Removal of Software/Hardware?

We need more info on this, good sir. I'm sure we'd be glad to help.

Matt~

Read other 9 answers
RELEVANCY SCORE 53.2

Hi,
I am a registered user but have to always re-enter my user name and password, as anything I try to do such as post a thread, check the forums, check replies, says I am not a registered user. Any advice?
thanks
Nick Gill
NAEEM2
 

A:need tech support for this site

Read other 15 answers
RELEVANCY SCORE 53.2

I have a hp psc 1350 v printer, trying to install on this machine; printer was installed on this machine in nov.2003 and worked fine until 2 weeks ago. at that time , printer quit working and in the control panel, printer icon showed up like a hidden file. tried to reinstall printer several times with no success. contacted hp support, spent several hours, spanning 4 days ,installing and uninstalling software, trying to install this printer. changed usb cables and same problem.other usb devises are recognised instantly. Hp support sent me a new printer, tried to install, same problem...no printer. so, tried to install printer on 2 other pcs and no problem, worked great (one machine has the exact same mother board as the problem pc).Hp says its a chip problems, problem started when i did a windows recommended driver update for via chip. CAN YOU HELP?

Here are my specs:

Operating System Windows XP Home Edition Service Pack 1 (build 2600)
System Model = ECS = P4VXASD2+ = 1.0 (motherboard)
Main Circuit Board Board: ECS P4VXASD2+ 1.0
Bus Clock: 100 megahertz
BIOS: American Megatrends Inc. 07.00T 04/02/01
Processor 2.00 gigahertz Intel Pentium 4
8 kilobyte primary memory cache
512 kilobyte secondary memory cache
256 Megabytes Installed Memory
Did have 768, took out 512

Thanks in advance, Jim Green
 

A:[B]HP Tech support gave up on this one[/B]

Uninstall the printer, through ADD/REMOVE PROGRAMS, then go to Control Panel -> System -> Hardware -> Device Manager and remove any left over HP/printer entries - look under HP, USB, all the categories. If HP gave you a seperate uninstaller to use then run that, they usually have one and if you look through your CD you might be able to find it hidden somewhere. Then unplug the printer and all other USB devices - except USB a mouse and Keyboard if yours happen to be USB.

Now still in Device Manager remove all USB hubs and then all USB Controllers.

Now go here: http://www.viaarena.com/?PageID=403 and download and install the latest VIA 4-in-1 drivers and reboot as request. Then reboot again after the USB controllers are reinstalled.

Now download the latest printer drivers from HP's website for your model if you haven't done so yet and start the installation. Do not plug in the printer until prompt to do so or until the installation is totally complete. When plugging in the printer use a USB connector that is not near the one you used before - they are usually in pairs of two.

If that Fails you can do a System Restore from Programs - Accessories - System to a date before the problems started and hope it works and doesn't recur.

XP runs better with more RAM - if there's nothing wrong with it then add it back in.
 

Read other 3 answers
RELEVANCY SCORE 53.2

I don't know if anyone has had to deal with them (hopefully not) but they are terrible. Got my computer in April and all of a sudden it quit loading up after a restart or shut down. So they diagnose it over the phone as a bad power supply. I send it in, they have it for a week and a half and sent it back today, so I turned it on and it has the exact same problem. I call them back and they say well it must be the motherboard. I can not believe that they didn't at least test the thing out to see if it worked before sending it back to me. Especially when I emailed them last week to check the status of my computer and they told me it was still going through the diagnostic testing process. Wouldn't any type of diagnostic test show a bad motherboard, I mean thats kind of important isn't it? So now I have to send it back in to them, and be without my computer again for probably another 2 weeks. The entire process has been a headache and I have to call them back tomorrow yet again because they couldn't process my "RMA number" because they were having problems with their system tonight. My guess is that they are using their own Gateway computers there too...Next time I'll spend the extra and get a Dell..
 

A:Gateway Tech Support....

Dell won't be any better. They're all about the same. You'll have better luck with tech support and repairs if you have it built locally by someone you can look in the face when you talk to them.

Welcome to the world of ultra-cheap support.
 

Read other 2 answers
RELEVANCY SCORE 53.2

Hello to one and all,

When I try to search [in IE7] for my initial reason for coming to this forum I get:

Fatal error: Allowed memory size of 75497472 bytes exhausted (tried to allocate 2097152 bytes) in /home/tsf/public_html/search.php on line 885

Any suggestions?

A:I cannot search Tech Support?

Hi Unbound, and welcome to TSF. Admin are apparently aware of the problem.

Have a look Here

Read other 2 answers
RELEVANCY SCORE 53.2

Ok before I get into my problem, here's a little about my notebook - I trust that these details may be somewhat helpful in attempts to resolve my issue:

I have a HP Pavilion dv6000 (RG364UA#ABA) with Microsoft Windows XP Professional
version 5.1.2600 (media center) service pack 2.0 Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz version x86 Family 6 Model 15 Stepping 6 current speed 1660 MHz

Let me start by thanking you for your patience as you read this. I contacted HP Tech support via chat numerous times to discuss general questions around some concerns I had regarding a "space issue" I was having. The "space issue" actually was caused by a surplus of photos I had in "MY PICTURES" which I thought I had removed after I burned them to a disk as well as video files located on another user profile.

Anyhow, I contacted HP support and was advised to do a "non destructive" recovery and was completely assured that this would resolve my problem and all files and applications would remain in tact unharmed. Well that was crap.

Once the recovery process was complete, all user information was gone. No user profiles existed on the login screen. I had to recreate a user profile. The recovery reverted everything to "factory settings", however all files were found on the old user profile which was located under "documents and settings" on the c:\ drive.

Also, all applications still appeared under All Programs on the Start Men... Read more

A:HP Tech Support screwed me

Read other 10 answers
RELEVANCY SCORE 53.2

using my Internet Explorer 5.1 (Mac OS X) proxy server, typing in the Tech Support Guy website (www.helponthe.net) pulls up http://discussions.virtualdr.com/ instead.

But when I don't use the proxy server, helponthe.net works fine.

Any ideas?
 

A:Tech Support Guy hijacked?

Nothing wrong with Tech support guy. I would look at the proxy as the problem..
 

Read other 1 answers
RELEVANCY SCORE 53.2

I have the "toolbar.exe" spy....I posted my "hijackthis" log yesterday at 5 pm, but no one has replied yet.

Could someone please reply? I am finding it very difficult to run my computer.

Here is a repost of my log:
Logfile of HijackThis v1.98.2
Scan saved at 5:55:45 AM, on 9/29/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\TSI32\tsircusr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\TCAUDIAG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\sstray.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\PFU\ScanSnap\PfuSsSct.exe
C:\Program Files\PFU\ScanSnap\CardMinder V2.0\CardLauncher.exe
C:\Program Files\PFU\ScanSnap\PDF Thumbnail View\pdfquickview.exe
C:\PROGRA~1\Toolbar\TBPS.exe
C:\Program Files\PFU\ScanSnap\CardMinder V2.0\bcd_file\SbCRecE.exe
C:\WINDOWS\system32\c... Read more

A:No Tech Support Guy Reply Yet..Please Help

Read other 7 answers
RELEVANCY SCORE 53.2

I had a company called Advanced Tech Support remotely tune up my computer. But they could not do it until I had Verizon come out and see why my download speed was only 0.43. Verizon found the problem and got my download speed up.After that ATS took my computer over for about 3 hours. Now all my downloads are fast and buffering problems are gone.
I think probably though. Just upping the speed would have fixed the problem. But I had already payed them So I let them do the work..
Here's my question. I watched them remove my "Revo uninstaller", my "Should I remove it" and my "Spybot" When I asked the representative why she said because they all have a bad reputation for Malware. Has anybody here heard this about these 3 programs.? I sure haven't. Unless you guys here at TS warn me not to I'm going to put them back. Especially since I like the way Revo gets rid of the extra crap. and Spybot has found things that MBAM and SAS didn't Thanks
 

A:Advanced Tech Support

Personally I've never had any "Malware" problems related to revo that I know of. I think (s)he just didn't like the program. I'm not familiar with "Should I remove it" & I quit using Spybot when they updated the program a few years ago.
 

Read other 23 answers
RELEVANCY SCORE 53.2

Hi am using W7 Pro 32bit & G Chrome, when I receive an email notification about my post from Tech support & click on the link it won't let me log in & the Tech support forums site keeps jerking, is it coz I have Adblock installed?

Have to type the URL to log in?

Any clues why?

Thanks.
 

A:Jerky Tech support?

I use G Chrome with Adblock and have no problems at all.

To help us help you,please use the TSG System Info tool to let Tech's know the specs of your computer: http://static.techguy.org/download/SysInfo.exe Copy and paste the results here in your thread. You can use the TSG Info to fill in your computer information in your user profile as well.

Also, if its a brand name system like an Acer,Dell or HP, please post the exact model of the system.
 

Read other 1 answers
RELEVANCY SCORE 53.2

Greetings Cookiegal: I just now joined and this is my first post. I have read the rules and especially your admonition above: "it's NOT a place to ask questions or seek assistance or other people's opinions on products or services". I am trying to comply with everything but I cannot find an appropriate category. My post would be to solicit reviews & recommendations of the commercial general purpose tech support services. I am not totally tech ignorant but I am old & have a lot of new stuff, so I need a "hand-holding" type of personal tech support with online remote access to my stuff. I see a lot of advertisement for those services but I don't have a clue, need guidance to select one. Cookiegal, please instruct me how & where to properly post this issue.
 

A:help with Tech Support Services

Read other 7 answers
RELEVANCY SCORE 53.2

Once upon a time, I received emails/notifications from threads I'm watching or participating in from TSG in my Update folder, now all goes to Spam.
This began before this new computer....and at first was sporadic, some notifications came through, others did not, now it's all spam.
Looking at Google Help, I added Tech Support Guy to my contacts, but that didn't seem to do a darn thing.
It may be that it's because I registered with TSG with a charter.net email, and set up gmail to harvest from there, but even so, it used to work just fine, a few months past.
Perhaps there's a setting I'm missing?
 

A:gmail and Tech Support Guy

Maybe try changing your email address from charter.net to gmail.com? https://forums.techguy.org/account/contact-details
 

Read other 3 answers
RELEVANCY SCORE 53.2

I've tried Malwarebytes and adwcleaner without luck. This is happening in Chrome.  I'm using Win8.1.  Attached is a copy of the screen I'm getting. 
 
Thanks for any help!

Read other answers