1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Few problems

Discussion in 'Windows XP' started by sb99000, Jan 16, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. sb99000

    sb99000 Thread Starter

    Joined:
    Nov 23, 2012
    Messages:
    56
    Operating system windows XP, 32 bit, Antivirus and firewall - Quick heal.

    Experiencing few problems.

    1. Frequent shock wave flash (Google chrome) unable to watch you-tube videos properly

    2. AVG free addition is not uninstalling, even I have downloaded AVG remover but not worked.
    Then installed Quick-heal after bypassing AVG. Even Quick-heal was unable to remove AVG.
    Tried many times to remove AVG from ''Add or Remove Programs'' but failed. Now installed
    Quick-heal but AVG is still now showing in the 'Add or Remove Programs''.
    Tried to Delete from program files but not worked.

    3.System is hanging after every 10/15 minutes, not only pages but mouse pointer is also
    hanging. This is a new problem started from today.

    Need help. Thanks
     
  2. blues_harp28

    blues_harp28 Trusted Advisor Spam Fighter

    Joined:
    Jan 9, 2005
    Messages:
    18,632
    Check and post
    TSG System Information Utility - found here.
    http://library.techguy.org/wiki/TSG_Valuable_links
    ------
    Post a Hjt log - to see what is running on your system.
    Hijack this 2.04
    • Save HJTInstall.exe to your desktop.
    • Doubleclick on the HJTInstall.exe icon on your desktop.
    • By default it will install to C:\Program Files\Trend Micro\HijackThis .
    • Click on Install.
    • It will create a HijackThis icon on the desktop.
    • Once installed, it will launch Hijackthis.
    • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • Come back here to this thread and Paste the log in your next reply.
    • DO NOT use the AnalyseThis button, its findings are dangerous if misinterpreted.
    • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

    Also post the uninstall log from Hjt log
    Start HiJackThis.
    At the bottom right - Other Stuff
    Click on Config > Misc Tools.
    Click > Open Uninstall Manager.
    Click > Save List.
    Save the uninstall list file on your desktop.
    It will then open in Notepad.
    Click Edit > Select All > Edit > Copy-and-Paste the uninstall list in the reply box.
    -------
    Download Security Check by screen317
    http://screen317.spywareinfoforum.org/
    Save it to your Desktop.

    Double click the install icon.
    A command Prompt window will open.
    Let it scan the Pc - press any key when asked.
    It should now open in Notepad - and will save a log called checkup.txt.
    Post the result of the scan here.
     
  3. sb99000

    sb99000 Thread Starter

    Joined:
    Nov 23, 2012
    Messages:
    56
    hijackthis
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 8:24:23 PM, on 1/16/2013
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\Program Files\Quick Heal\Quick Heal Total Security\ScSecSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Quick Heal\Quick Heal Total Security\EMLPROXY.EXE
    C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE
    C:\Program Files\Quick Heal\Quick Heal Total Security\opssvc.exe
    C:\Program Files\Quick Heal\Quick Heal Total Security\quhlpsvc.exe
    C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Program Files\Quick Heal\Quick Heal Total Security\SCANWSCS.EXE
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\AVG Secure Search\vprot.exe
    C:\Program Files\Real\RealPlayer\update\realsched.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Quick Heal\Quick Heal Total Security\onlinent.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\DirectDownloader\DirectDownloader.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1750559
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_P.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: BitAccelerator - {CAC42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\BitAccelerator\BitAccelerator.dll
    O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_P.dll
    O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_P.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Quick Heal Core UI] "C:\Program Files\Quick Heal\Quick Heal Total Security\strtupap.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [AllTubeDownloader] "C:\Program Files\AllTubeDownloader\AllTubeDownloader.exe" --hide
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: Direct Downloader.lnk = C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\DirectDownloader\DirectDownloader.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
    O20 - AppInit_DLLs: scdetour.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Core Mail Protection - Quick Heal Technologies (P) Ltd. - C:\Program Files\Quick Heal\Quick Heal Total Security\EMLPROXY.EXE
    O23 - Service: Core Scanning Server - Quick Heal Technologies (P) Ltd. - C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE
    O23 - Service: Core Scanning ServerEx - Quick Heal Technologies (P) Ltd. - C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: Online Protection System - Quick Heal Technologies (P) Ltd. - C:\Program Files\Quick Heal\Quick Heal Total Security\opssvc.exe
    O23 - Service: Quick Update Service - Quick Heal Technologies (P) Ltd. - C:\Program Files\Quick Heal\Quick Heal Total Security\quhlpsvc.exe
    O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    O23 - Service: Total Security Helper Service WSC (ScanWscS) - Quick Heal Technologies (P) Ltd. - C:\Program Files\Quick Heal\Quick Heal Total Security\SCANWSCS.EXE
    O23 - Service: Core Browsing Protection (ScSecSvc) - Quick Heal Technologies (P) Ltd. - C:\Program Files\Quick Heal\Quick Heal Total Security\ScSecSvc.exe
    O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

    --
    End of file - 10450 bytes



    uninstall list
    7-Zip 9.20
    Adobe Reader X (10.1.1)
    Alien Wars
    Any Video Converter 3.0.4
    Ashampoo Burning Studio 6 FREE v.6.80
    AVG 2012
    AVG 2012
    BS Player Toolbar
    BS.Player FREE
    Coupon Printer for Windows
    GOM Player
    Heavy Weapon Deluxe
    High Definition Audio Driver Package - KB888111
    HiJackThis
    HP Deskjet 2050 J510 series Basic Device Software
    HP Deskjet 2050 J510 series Help
    HP Deskjet 2050 J510 series Product Improvement Study
    HP Photo Creations
    HP Update
    Microsoft .NET Framework 2.0
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Mozilla Firefox 18.0 (x86 en-US)
    Mozilla Maintenance Service
    Opera 12.12
    Quick Heal Total Security
    Quick Heal Total Security
    RealDownloader
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealNetworks - Microsoft Visual C++ 2010 Runtime
    RealPlayer
    Realtek High Definition Audio Driver
    RealUpgrade 1.1
    SUPERAntiSpyware
    TornTV
    Update for Windows XP (KB932823-v3)
    VLC media player 1.1.9
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player 11
    WinRAR 4.20 (32-bit)
    WinZip 15.0



    checkup

    Results of screen317's Security Check version 0.99.57
    Windows XP Service Pack 2 x86
    Out of date service pack!!
    Internet Explorer 8
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Disabled!
    Please wait while WMIC is being installed.d
    i
    s
    p
    l
    a
    y
    N
    a
    m
    e
    ECHO is off.
    Q
    u
    i
    c
    k
    ECHO is off.
    H
    e
    a
    l
    ECHO is off.
    T
    o
    t
    a
    l
    ECHO is off.
    S
    e
    c
    u
    r
    i
    t
    y
    ECHO is off.
    2
    0
    1
    3
    ECHO is off.
    A
    V
    G
    ECHO is off.
    A
    n
    t
    i
    V
    i
    r
    u
    s
    ECHO is off.
    F
    r
    e
    ECHO is off.
    E
    d
    i
    t
    i
    o
    n
    ECHO is off.
    2
    0
    1
    2
    ECHO is off.
    Antivirus out of date!
    `````````Anti-malware/Other Utilities Check:`````````
    SUPERAntiSpyware
    Adobe Reader 10.1.1 Adobe Reader out of Date!
    Mozilla Firefox (18.0)
    ````````Process Check: objlist.exe by Laurent````````
    AVG avgwdsvc.exe
    AVG avgrsx.exe
    AVG avgnsx.exe
    AVG avgemc.exe
    Quick Heal Quick Heal Total Security onlinent.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C:: 29% Defragment your hard drive soon! (Do NOT defrag if SSD!)
    ````````````````````End of Log``````````````````````
     
  4. sb99000

    sb99000 Thread Starter

    Joined:
    Nov 23, 2012
    Messages:
    56
    hijackthis

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 8:24:23 PM, on 1/16/2013
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\Program Files\Quick Heal\Quick Heal Total Security\ScSecSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Quick Heal\Quick Heal Total Security\EMLPROXY.EXE
    C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE
    C:\Program Files\Quick Heal\Quick Heal Total Security\opssvc.exe
    C:\Program Files\Quick Heal\Quick Heal Total Security\quhlpsvc.exe
    C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Program Files\Quick Heal\Quick Heal Total Security\SCANWSCS.EXE
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\AVG Secure Search\vprot.exe
    C:\Program Files\Real\RealPlayer\update\realsched.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Quick Heal\Quick Heal Total Security\onlinent.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\DirectDownloader\DirectDownloader.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1750559
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_P.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: BitAccelerator - {CAC42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\BitAccelerator\BitAccelerator.dll
    O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_P.dll
    O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_P.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Quick Heal Core UI] "C:\Program Files\Quick Heal\Quick Heal Total Security\strtupap.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [AllTubeDownloader] "C:\Program Files\AllTubeDownloader\AllTubeDownloader.exe" --hide
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: Direct Downloader.lnk = C:\Documents and Settings\U BHATTACHARJEE\Local Settings\Application Data\DirectDownloader\DirectDownloader.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
    O20 - AppInit_DLLs: scdetour.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Core Mail Protection - Quick Heal Technologies (P) Ltd. - C:\Program Files\Quick Heal\Quick Heal Total Security\EMLPROXY.EXE
    O23 - Service: Core Scanning Server - Quick Heal Technologies (P) Ltd. - C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE
    O23 - Service: Core Scanning ServerEx - Quick Heal Technologies (P) Ltd. - C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: Online Protection System - Quick Heal Technologies (P) Ltd. - C:\Program Files\Quick Heal\Quick Heal Total Security\opssvc.exe
    O23 - Service: Quick Update Service - Quick Heal Technologies (P) Ltd. - C:\Program Files\Quick Heal\Quick Heal Total Security\quhlpsvc.exe
    O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    O23 - Service: Total Security Helper Service WSC (ScanWscS) - Quick Heal Technologies (P) Ltd. - C:\Program Files\Quick Heal\Quick Heal Total Security\SCANWSCS.EXE
    O23 - Service: Core Browsing Protection (ScSecSvc) - Quick Heal Technologies (P) Ltd. - C:\Program Files\Quick Heal\Quick Heal Total Security\ScSecSvc.exe
    O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

    --
    End of file - 10450 bytes




    uninstall list

    7-Zip 9.20
    Adobe Reader X (10.1.1)
    Alien Wars
    Any Video Converter 3.0.4
    Ashampoo Burning Studio 6 FREE v.6.80
    AVG 2012
    AVG 2012
    BS Player Toolbar
    BS.Player FREE
    Coupon Printer for Windows
    GOM Player
    Heavy Weapon Deluxe
    High Definition Audio Driver Package - KB888111
    HiJackThis
    HP Deskjet 2050 J510 series Basic Device Software
    HP Deskjet 2050 J510 series Help
    HP Deskjet 2050 J510 series Product Improvement Study
    HP Photo Creations
    HP Update
    Microsoft .NET Framework 2.0
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Mozilla Firefox 18.0 (x86 en-US)
    Mozilla Maintenance Service
    Opera 12.12
    Quick Heal Total Security
    Quick Heal Total Security
    RealDownloader
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealNetworks - Microsoft Visual C++ 2010 Runtime
    RealPlayer
    Realtek High Definition Audio Driver
    RealUpgrade 1.1
    SUPERAntiSpyware
    TornTV
    Update for Windows XP (KB932823-v3)
    VLC media player 1.1.9
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player 11
    WinRAR 4.20 (32-bit)
    WinZip 15.0



    checkup

    Results of screen317's Security Check version 0.99.57
    Windows XP Service Pack 2 x86
    Out of date service pack!!
    Internet Explorer 8
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Disabled!
    Please wait while WMIC is being installed.d
    i
    s
    p
    l
    a
    y
    N
    a
    m
    e
    ECHO is off.
    Q
    u
    i
    c
    k
    ECHO is off.
    H
    e
    a
    l
    ECHO is off.
    T
    o
    t
    a
    l
    ECHO is off.
    S
    e
    c
    u
    r
    i
    t
    y
    ECHO is off.
    2
    0
    1
    3
    ECHO is off.
    A
    V
    G
    ECHO is off.
    A
    n
    t
    i
    V
    i
    r
    u
    s
    ECHO is off.
    F
    r
    e
    ECHO is off.
    E
    d
    i
    t
    i
    o
    n
    ECHO is off.
    2
    0
    1
    2
    ECHO is off.
    Antivirus out of date!
    `````````Anti-malware/Other Utilities Check:`````````
    SUPERAntiSpyware
    Adobe Reader 10.1.1 Adobe Reader out of Date!
    Mozilla Firefox (18.0)
    ````````Process Check: objlist.exe by Laurent````````
    AVG avgwdsvc.exe
    AVG avgrsx.exe
    AVG avgnsx.exe
    AVG avgemc.exe
    Quick Heal Quick Heal Total Security onlinent.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C:: 29% Defragment your hard drive soon! (Do NOT defrag if SSD!)
    ````````````````````End of Log``````````````````````
     
  5. blues_harp28

    blues_harp28 Trusted Advisor Spam Fighter

    Joined:
    Jan 9, 2005
    Messages:
    18,632
    First you need to update to Service Pack 3 asap.
    Download: Windows XP Service Pack 3.
    http://www.microsoft.com/download/en/details.aspx?id=24
    It would be best to download SP3 and burn it to a Cd [Cd-R]
    Once installed - go to Windows updates - let it scan [custom] and install all needed updates.

    Or turn on Automatic Updates and update to SP3 from there.
    How to configure and use Automatic Updates in Windows
    http://support.microsoft.com/kb/306525
    --------
    Once you have done the above.
    Did you use this Avg uninstall tool?
    Download tools and utilities | AVG Worldwide
    http://www.avg.com/ww-en/utilities
    --------
    Quick Heal Total Security is an Anti-Virus program that we would recommend here
    Avast!
    http://www.avast.com/en-gb/index
    Or
    Microsoft Security Essentials.
    http://windows.microsoft.com/en-US/windows/products/security-essentials
    Only one Anti-Virus program is needed of course.
     
  6. blues_harp28

    blues_harp28 Trusted Advisor Spam Fighter

    Joined:
    Jan 9, 2005
    Messages:
    18,632
    Do all of the above - update to SP3
    Turn on Automatic updates - install all needed updates.
    Uninstall AVG - if you can.
    Remove Quick Heal Total Security.
    Install another Anti-Virus program - list in post # 5

    Then post a New Hjt log.
    ------
    Update SUPERAntiSpyware
    Select the Quick Scan option.
    Click Scan your Computer.
    Any infections or problems will be highlighted in red.
    After the scan is finished.
    Click Continue.
    Check that everything is listed.
    Click Remove Threats.
    Click OK - then click Finish
    You may be prompted to restart to finish the removal process.
    If Yes - restart your Pc.

    Start SuperAntiSpyware again.
    Click View Scan Logs.
    Highlight the scan log entry.
    Click - View Selected Log.
    The scan log will appear in Notepad.
    Copy and paste in your next post.
    ------
    Download MalwareBytes to your desktop.
    Download the Free versions..

    MalwareBytes

    Click on the Install icon - allow it to update during the install process.
    Start Malwarebytes Anti-Malware.
    Click on Scanner > then quick scan > then Scan.
    Any infections or problems will be highlighted in red.
    After the scan is finished - Click - Show Results.
    Check that all entries are selected.
    Click - Remove Selected.
    You may be prompted to restart to finish the removal process.
    If Yes - restart your Pc.

    Start Malwarebytes again.
    Click on the Logs Tab.
    Highlight the scan log entry.
    Click - Open.
    The scan log will appear in Notepad.
    Copy and paste it in your next post.
     
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1085488

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice