1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Not sure of what to call my problem

Discussion in 'Windows Vista' started by bigbopper123, Aug 25, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. bigbopper123

    bigbopper123 Thread Starter

    Joined:
    Apr 18, 2012
    Messages:
    18
    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft® Windows Vista™ Home Premium, Service Pack 2, 64 bit
    Processor: AMD Turion(tm) X2 Dual-Core Mobile RM-72, AMD64 Family 17 Model 3 Stepping 1
    Processor Count: 2
    RAM: 2813 Mb
    Graphics Card: ATI Radeon HD 3200 Graphics, 256 Mb
    Hard Drives: C: Total - 114115 MB, Free - 2696 MB; D: Total - 114116 MB, Free - 111341 MB; F: Total - 476937 MB, Free - 465495 MB;
    Motherboard: Gateway,
    Antivirus: CyberDefender Internet Security, Updated: Yes, On-Demand Scanner: Enabled

    My computer is running very slow. Pictures take sometimes 3 minutes or more to show up. When I want to go to a website I get an error message saying "Internet Explorer cannot display the webpage." Not all the time and several different sites. My Norton 360 cannot find anything wrong when I scan. I downloaded a program called "System Mechanic" which is useless. I restored back as far as I could but that didn't help. Please help!!!
     
  2. TheShooter93

    TheShooter93 Cody Malware Specialist

    Joined:
    Jul 9, 2008
    Messages:
    11,013
    Uninstall System Mechanic. Programs like these claim to clean your computer, but the registry editors in them can leave your computer a doorstop.

    You've already done the necessary step of performing a System Restore.

    -----------------------------------------------

    Norton is a very resource hungry antivirus program.

    I suggest removing it with the Norton Removal Tool, and installing Microsoft Security Essentials instead.

    If you're still paying for your current subscription, you can wait until it expires, but ultimately I would suggest switching antivirus programs.

    -----------------------------------------------

    If you have CyberDefender Internet Security still installed, you should uninstall that regardless of if you uninstall Norton.

    Having two antivirus programs installed simultaneously can slow down your computer drastically, as well as cause security holes in your protection.

    -----------------------------------------------

    Click Start.

    In the search bar, type MSCONFIG and hit Enter. Click the "Startup" tab.

    Write down only the names in the "Startup Item" column that have a checkmark next to them.

    If the "Startup Item" column isn't wide enough to see the entire name of any of them, widen the column.

    Submit those names here in a vertical list.

    Make sure to spell them EXACTLY as you see them there.
     
  3. bigbopper123

    bigbopper123 Thread Starter

    Joined:
    Apr 18, 2012
    Messages:
    18
    These are the names of the start-up programs:

    lxddmon.exe

    lxddmon

    GoogleToolbarNotifier

    HP Digital Imaging

    Microsoft Windows Operating System (There is an "R" in a circle between the words where I have spaces)

    Win Zip
     
  4. blues_harp28

    blues_harp28 Trusted Advisor

    Joined:
    Jan 9, 2005
    Messages:
    17,062
    Follow TheShooter93's suggestions related to CyberDefender and System Mechanic.

    Then post a Hjt log - to see what is running on your system.

    Hijack this 2.04
    • Save HJTInstall.exe to your desktop.
    • Doubleclick on the HJTInstall.exe icon on your desktop.
    • By default it will install to C:\Program Files\Trend Micro\HijackThis .
    • Click on Install.
    • It will create a HijackThis icon on the desktop.
    • Once installed, it will launch Hijackthis.
    • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • Come back here to this thread and Paste the log in your next reply.
    • DO NOT use the AnalyseThis button, its findings are dangerous if misinterpreted.
    • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

    Should the Hjt log not be accessible - you may need to disable UAC.
    Go to Control Panel - User Accounts, then turn off and disable the User Account Control[UAC]
    Apply the change > restart your computer.

    ------

    Also post the uninstall log from Hjt log
    Start HiJackThis.
    At the bottom right - Other Stuff
    Click on Config > Misc Tools.
    Click > Open Uninstall Manager.
    Click > Save List.
    Save the uninstall list file on your desktop.
    It will then open in Notepad.
    Click Edit > Select All > Copy-and-Paste the uninstall list in the reply box.
     
  5. TheShooter93

    TheShooter93 Cody Malware Specialist

    Joined:
    Jul 9, 2008
    Messages:
    11,013
    I'll let blues_harp28 take over, as they have more freedom to use certain programs to help you that I cannot.

    Good luck with your computer. (y)
     
  6. bigbopper123

    bigbopper123 Thread Starter

    Joined:
    Apr 18, 2012
    Messages:
    18
    When I clicked on Do a system scan and save a log file it opened in it's own window, with no edit button and a blank notepad was next to it. I can't copy at all.
     
  7. blues_harp28

    blues_harp28 Trusted Advisor

    Joined:
    Jan 9, 2005
    Messages:
    17,062
    Did you uninstall CyberDefender?
    Did you let System Mechanic clean the registry - running both the above programs may have added to your problems?

    Download.
    MalwareBytes and SuperAntiSpyware to your desktop.
    Download the Free versions of both programs.

    MalwareBytes

    SuperAntiSpyware

    Once they are downloaded to your desktop.
    Close all open browser windows.

    MalwareBytes
    Click on the Install icon - allow it to update during the install process.
    Start Malwarebytes Anti-Malware.
    Click on Scanner > then quick scan > then Scan.
    Any infections or problems will be highlighted in red.
    After the scan is finished - Click - Show Results.
    Check that all entries are selected.
    Click - Remove Selected.
    You may be prompted to restart to finish the removal process.
    If Yes - restart your Pc.

    Start Malwarebytes again.
    Click on the Logs Tab.
    Highlight the scan log entry.
    Click - Open.
    The scan log will appear in Notepad.
    Copy and paste it in your next post.

    SuperAntiSpyware
    Click on the install icon - allow it to update during the install process.
    Select the Quick Scan option.
    Click Scan your Computer.
    Any infections or problems will be highlighted in red.
    After the scan is finished.
    Click Continue.
    Check that everything is listed.
    Click Remove Threats.
    Click OK - then click Finish
    You may be prompted to restart to finish the removal process.
    If Yes - restart your Pc.

    Start SuperAntiSpyware again.
    Click View Scan Logs.
    Highlight the scan log entry.
    Click - View Selected Log.
    The scan log will appear in Notepad.
    Copy and paste in your next post.
     
  8. bigbopper123

    bigbopper123 Thread Starter

    Joined:
    Apr 18, 2012
    Messages:
    18
    blues_harp28:

    I don't have CyberDefender and I have uninstalled System Mechanic. I have run MalwareBytes and am pasting the scan log below. I will do the same for SuperAntiSpyware and include the results in my next post.
    www.malwarebytes.org
    Database version: v2012.08.27.08
    Windows Vista Service Pack 2 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Rick :: RICK-PC [administrator]
    8/27/2012 6:22:54 PM
    mbam-log-2012-08-27 (18-22-54).txt
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 205019
    Time elapsed: 5 minute(s), 57 second(s)
    Memory Processes Detected: 1
    C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.MyWebSearch) -> 4312 -> Delete on reboot.
    Memory Modules Detected: 0
    (No malicious items detected)
    Registry Keys Detected: 3
    HKLM\SYSTEM\CurrentControlSet\Services\MapsGalaxy_39Service (PUP.MyWebSearch) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    Registry Values Detected: 0
    (No malicious items detected)
    Registry Data Items Detected: 2
    HKCR\scrfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE "%1") Good: ("%1" /S) -> Quarantined and repaired successfully.
    HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE "%1") Good: (regedit.exe "%1") -> Quarantined and repaired successfully.
    Folders Detected: 0
    (No malicious items detected)
    Files Detected: 3
    C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.MyWebSearch) -> Delete on reboot.
    C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll (PUP.MyWebSearch) -> Delete on reboot.
    C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39barsvc.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
    (end)
     
  9. bigbopper123

    bigbopper123 Thread Starter

    Joined:
    Apr 18, 2012
    Messages:
    18
    This is the scan log from SuperAntiSpyware. I didn't remember clicking on "remove threats" so I did another scan which found 4 more threats. Both scan logs follow:

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com
    Generated 08/27/2012 at 07:09 PM
    Application Version : 5.5.1012
    Core Rules Database Version : 9132
    Trace Rules Database Version: 6944
    Scan type : Quick Scan
    Total Scan Time : 00:18:01
    Operating System Information
    Windows Vista Home Premium 64-bit, Service Pack 2 (Build 6.00.6002)
    UAC On - Limited User
    Memory items scanned : 495
    Memory threats detected : 0
    Registry items scanned : 54440
    Registry threats detected : 4
    File items scanned : 12624
    File threats detected : 70
    PUP.MyWebSearch/FunWebProducts
    (x86) HKU\S-1-5-21-2136509545-3566234257-550551741-1000\SOFTWARE\FunWebProducts
    Adware.Zugo
    (x86) HKLM\Software\Microsoft\Internet Explorer\Toolbar#{9D425283-D487-4337-BAB6-AB8354A81457}
    (x86) HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}
    (x86) HKU\S-1-5-21-2136509545-3566234257-550551741-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{9D425283-D487-4337-BAB6-AB8354A81457}
    Adware.Tracking Cookie
    C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Cookies\01A1IT9Q.txt [ /pointroll.com ]
    C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Cookies\LBWKNEAL.txt [ /doubleclick.net ]
    C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Cookies\RWMVBEXN.txt [ /imrworldwide.com ]
    C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Cookies\09BKJ93L.txt [ /adxpose.com ]
    C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Cookies\B2ZSNOCE.txt [ /ads.pointroll.com ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\YTHYEF0S.txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\LG7M0UOQ.txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\XPV6HNU3.txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\rick@imrworldwide[2].txt [ Cookie:[email protected]/cgi-bin ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/accounts ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\rick@lucidmedia[1].txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\BZQQYD44.txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\rick@kanoodle[1].txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y5J10L5M.txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\GNDTFSMP.txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\E3M6QVRT.txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\PJ19YDZD.txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\MIL6K6IT.txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y0QPVRZI.txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\A09FFF2Q.txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\H9NT5CVK.txt [ Cookie:[email protected]/adserving ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\PR0XZJVS.txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\MBXGM1B9.txt [ Cookie:[email protected]/pagead/conversion/1000628365/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q25NOQCV.txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\7LO2TMAP.txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt [ Cookie:[email protected]/pagead/conversion/1006081641/ ]
    C:\USERS\RICK\AppData\Roaming\Microsoft\Windows\Cookies\Low\OWRK5L09.txt [ Cookie:[email protected]/pagead/conversion/1020199497/ ]
    C:\USERS\RICK\Cookies\01A1IT9Q.txt [ Cookie:[email protected]/ ]
    C:\USERS\RICK\Cookies\RWMVBEXN.txt [ Cookie:[email protected]/cgi-bin ]
    C:\USERS\RICK\Cookies\09BKJ93L.txt [ Cookie:[email protected]/ ]
    .msnportal.112.2o7.net [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ehg-gaddispartners.hitbox.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .hitbox.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .hitbox.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .dmtracker.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adserver.adtechus.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.googleadservices.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.googleadservices.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .getclicky.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .static.getclicky.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    in.getclicky.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tracking.alwaysdownloads.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tracking.alwaysdownloads.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.googleadservices.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .accounts.google.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .accounts.google.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .accounts.google.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .accounts.google.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\RICK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]


    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com
    Generated 08/27/2012 at 09:29 PM
    Application Version : 5.5.1012
    Core Rules Database Version : 9132
    Trace Rules Database Version: 6944
    Scan type : Quick Scan
    Total Scan Time : 00:12:58
    Operating System Information
    Windows Vista Home Premium 64-bit, Service Pack 2 (Build 6.00.6002)
    UAC On - Limited User
    Memory items scanned : 500
    Memory threats detected : 0
    Registry items scanned : 54435
    Registry threats detected : 0
    File items scanned : 12633
    File threats detected : 4
    Adware.Tracking Cookie
    C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Cookies\16I348DV.txt [ /pointroll.com ]
    C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Cookies\HVF4DKBR.txt [ /doubleclick.net ]
    C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Cookies\JRFW9J0C.txt [ /ads.pointroll.com ]
    C:\USERS\RICK\Cookies\16I348DV.txt [ Cookie:[email protected]/ ]
     
  10. blues_harp28

    blues_harp28 Trusted Advisor

    Joined:
    Jan 9, 2005
    Messages:
    17,062
    MalwareBytes has found registry file changes to notepad.

    Did you reboot your Pc when asked to remove some of the entries?
    Can you now open the Hjt log in notepad and paste the log?

    SUPERAntiSpyware was run as Limited User and not Administrator and with User Account Control[UAC] turned On.
    Turn off UAC and see if the Hjt log will load and the scan log open in notepad.
    UAC can always be turned back on at a later date.

    If you cannot post the Hjt log - we may need one of our Malware Expert to take a look and run other scans on your Pc
     
  11. bigbopper123

    bigbopper123 Thread Starter

    Joined:
    Apr 18, 2012
    Messages:
    18
    I did reboot when asked to. I still can't open the hjt notepad log. I have no clue as to how I change from UAC to Administrator in SuperAntiSpyware. I do appreciate your help. I have just enough computer knowledge to get frustrated when things like this happen and I can't fix them!
     
  12. blues_harp28

    blues_harp28 Trusted Advisor

    Joined:
    Jan 9, 2005
    Messages:
    17,062
    Disable User Account Control (UAC)
    Restart your Pc - then see if you can run the Hjt log.
    Disable UAC
     
  13. bigbopper123

    bigbopper123 Thread Starter

    Joined:
    Apr 18, 2012
    Messages:
    18
    I disabled the UAC and was able to et the log for the HJT.


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 3:01:02 PM, on 8/28/2012
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16448)
    Boot mode: Normal
    Running processes:
    C:\Program Files (x86)\Lexmark 2500 Series\lxddmon.exe
    C:\Program Files (x86)\Lexmark 2500 Series\lxddamon.exe
    C:\Program Files\WinZip\WZQKPICK32.EXE
    C:\Program Files (x86)\Norton 360 Premier Edition\Engine\6.3.0.14\ccSvcHst.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\6.3.0.14\coIEPlg.dll
    O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\6.3.0.14\IPS\IPSBHO.DLL
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: WinZip Courier BHO - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\PROGRA~2\WINZIP~1\wzwmcie.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\6.3.0.14\coIEPlg.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN25O5122005PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files (x86)\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files (x86)\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {9C65AB3E-C9A8-4789-AE24-B365A1C4A6F9} - http://gateway-us.custhelp.com/euf/assets/activex/snret.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D5C73BF6-5E4B-4748-B92E-FECCE92F3F4F}: NameServer = 99.99.99.53
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - AppInit_DLLs: C:\PROGRA~2\WI9130~1\Datamngr\datamngr.dll C:\PROGRA~2\WI9130~1\Datamngr\IEBHO.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: dlcd_device - Unknown owner - C:\Windows\system32\dlcdcoms.exe (file missing)
    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
    O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
    O23 - Service: Google Update Service (gupdate1c9b66862faf630) (gupdate1c9b66862faf630) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\6.3.0.14\ccSvcHst.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: pcCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\pcCMService.exe
    O23 - Service: pcServiceHost - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\pcServiceHost.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: vseamps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
    O23 - Service: vsedsps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
    O23 - Service: vseqrts - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)
    --
    End of file - 8681 bytes
     
  14. blues_harp28

    blues_harp28 Trusted Advisor

    Joined:
    Jan 9, 2005
    Messages:
    17,062
    Post the uninstall log from Hjt log
    Start HiJackThis.
    At the bottom right - Other Stuff
    Click on Config > Misc Tools.
    Click > Open Uninstall Manager.
    Click > Save List.
    Save the uninstall list file on your desktop.
    It will then open in Notepad.
    Click Edit > Select All > Copy-and-Paste the uninstall list in the reply box.
     
  15. bigbopper123

    bigbopper123 Thread Starter

    Joined:
    Apr 18, 2012
    Messages:
    18
    This is the uninstall list:


    Update for Microsoft Office 2007 (KB2508958)
    Acrobat.com
    Acrobat.com
    Adobe AIR
    Adobe AIR
    Adobe Flash Player 10 Plugin
    Adobe Flash Player 11 ActiveX
    Adobe Reader X (10.1.4)
    AMD USB Audio Driver Filter
    AT&T Troubleshoot & Resolve Tool
    Audacity 1.2.6
    Bing Rewards Client Installer
    BitTorrent
    Camera Assistant Software for Gateway
    Catalyst Control Center - Branding
    Compatibility Pack for the 2007 Office system
    CompuHost
    CrossLoop 2.43
    D3DX10
    FinalTorrent 2011
    Gateway Recovery Management
    GEAR driver installer for x86 and x64
    GearDrvs
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Toolbar for Internet Explorer
    Google Update Helper
    Google Updater
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Deskjet 3050A J611 series Help
    HP Photo Creations
    HP Update
    Java(TM) 6 Update 26
    Java(TM) 6 Update 5
    Junk Mail filter update
    JustKaraoke 2.0
    jZip
    KaraFun Player
    Karaoke-Realm
    Malwarebytes Anti-Malware version 1.62.0.1300
    MapsGalaxy
    Mesh Runtime
    Messenger Companion
    Microsoft Money Essentials
    Microsoft Money Shared Libraries
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Home and Student 2007
    Microsoft Office Home and Student 2007
    Microsoft Office Live Add-in 1.5
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook Connector
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Standard Edition 2003
    Microsoft Office Suite Activation Assistant
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft UI Engine
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Works
    mIRC
    MP3+G Toolz
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Music and Song Lyrics
    muvee Reveal Seagate Edition
    Netflix in Windows Media Center
    Norton 360 Premier Edition
    Paltalk Messenger 10.2
    PC Speed Maximizer v3.0
    Pinnacle Instant DVD Recorder
    Pinnacle Studio 12
    Portforward Static IP Address 1.0.47
    Power CD+G Burner
    PowerXpressHybrid
    QuickTime
    Seagate Manager Installer
    Seagate Manager Installer
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
    Segoe UI
    Spelling Dictionaries Support For Adobe Reader 9
    Super Remote Request Tool 1.0
    TeamViewer 6
    The Weather Channel App
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 (KB974631)
    Update for Microsoft Office Word 2007 (KB974631)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Viewpoint Media Player
    VisDir Free Disk Space Finder v 1.5
    VLC media player 1.0.3
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live Movie Maker
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer
    Windows Live Writer
    Windows Live Writer Resources
    Windows Searchqu Toolbar
    WinZip Courier
    Wireless LAN Adapter
    Yahoo! Software Update
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1066462