1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Please check my log. Thank you

Discussion in 'Virus & Other Malware Removal' started by kellyarmstrong, Jan 12, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,657
    First Name:
    Frank
    Every time you submit a services list, it looks noticably different, so I have no way of knowing which entries are set on Automatic or Automatic(Delayed Start).

    Start HiJackThis, then click "Do a system scan and save a log file".
    Save the new log that appears, then copy-and-paste the entire log here.

    Once the new log is submitted, hopefully I can determine which service entries need to be changed to Manual.

    --------------------------------------------------------------
     
  2. kellyarmstrong

    kellyarmstrong Thread Starter

    Joined:
    May 15, 2012
    Messages:
    148
    #42 and #45 are the updated logs. I appoligized more than once for the inconvenience. I am not a pro when it comes to these things, and I am now rereading things twice, and if I don't understand, I'll ask before posting.Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 07:52, on 2013-01-23
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18904)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    C:\Program Files\Zune\ZuneLauncher.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe
    C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe
    C:\Program Files\AVG\AVG2013\avgui.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\AWS\WeatherBug\Weather.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Users\Owner\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\Safari\Safari.exe
    C:\Program Files\Safari\Apple Application Support\WebKit2WebProcess.exe
    C:\Windows\System32\mobsync.exe
    C:\Windows\System32\wsqmcons.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=MT6728
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=MT6728
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=MT6728
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=MT6728
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: Lexmark Printable Web - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
    O2 - BHO: WeCareReminder - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCFtime.dll,[email protected]
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
    O4 - HKLM\..\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [lxecmon.exe] "C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe"
    O4 - HKLM\..\Run: [Lexmark Pro800-Pro900 Series Fax Server] "C:\Program Files\Lexmark Pro800-Pro900 Series\fm3032.exe" /s
    O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
    O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
    O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SpeetItUpFree] "C:\Program Files\SpeedItup Free\speeditupfree.exe"
    O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\Sidebar.exe" /autorun
    O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: CNET TechTracker.lnk = C:\Users\Owner\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} (Photo Upload Plugin Class) - http://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: lxcf_device - Unknown owner - C:\Windows\system32\lxcfcoms.exe
    O23 - Service: lxecCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxecserv.exe
    O23 - Service: lxec_device - - C:\Windows\system32\lxeccoms.exe
    O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe

    --
    End of file - 9955 bytes

    Here is my hijack log:
     
  3. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,657
    First Name:
    Frank
    Follow these instructions carefully and in the order listed.

    -----------------------------------------------------------

    Go back to Start - Run - MSCONFIG - OK - "Startup" tab.

    Remove the checkmark from these entries in the "Startup Item" column.

    Windows Defender

    Intel(R) Common User Interface

    Intel(R) Common User Interface

    Intel(R) Common User Interface

    Zune

    iTunes

    ROC_roc-dec12

    ROC_roc_ssl_v12

    QuickTime

    Adobe Reader and Acrobat Manager

    SpeedItup Free

    SuperAntispyware


    After you're done, click Apply - OK/Close - Exit Without Restart.

    Go back to Start - Run - SERVICES.MSC - OK.

    Double-click these entries, one at a time, to open their properties window:

    Adobe Acrobat Update Service

    Adobe Flash Player Update Service

    Agere Modem Call Progress Audio

    Google Update Service

    Google Update Service

    Windows Defender


    Change "Startup Type" to Manual, then click Apply - OK.

    After you're all done, close the services window and then restart the computer.

    Wait for the computer to completely settle down from the restart.

    Start HiJackThis, then click "Do a system scan and save a log file".

    Save the new log that appears, then copy-and-paste the entire log here.

    ----------------------------------------------------------
     
  4. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,657
    First Name:
    Frank
    Go to Control Panel - Programs And Features.

    Uninstall SpeedItUp Free

    ---------------------------------------------------------
     
  5. kellyarmstrong

    kellyarmstrong Thread Starter

    Joined:
    May 15, 2012
    Messages:
    148
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:47, on 2013-01-23
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe
    C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe
    C:\Program Files\AVG\AVG2013\avgui.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\AWS\WeatherBug\Weather.exe
    C:\Windows\ehome\ehtray.exe
    C:\Users\Owner\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Safari\Safari.exe
    C:\Program Files\Safari\Apple Application Support\WebKit2WebProcess.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
    C:\Windows\system32\wuauclt.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=MT6728
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=MT6728
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=MT6728
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=MT6728
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: Lexmark Printable Web - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
    O2 - BHO: WeCareReminder - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCFtime.dll,[email protected]
    O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
    O4 - HKLM\..\Run: [lxecmon.exe] "C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe"
    O4 - HKLM\..\Run: [Lexmark Pro800-Pro900 Series Fax Server] "C:\Program Files\Lexmark Pro800-Pro900 Series\fm3032.exe" /s
    O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\Sidebar.exe" /autorun
    O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - Startup: CNET TechTracker.lnk = C:\Users\Owner\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} (Photo Upload Plugin Class) - http://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: lxcf_device - Unknown owner - C:\Windows\system32\lxcfcoms.exe
    O23 - Service: lxecCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxecserv.exe
    O23 - Service: lxec_device - - C:\Windows\system32\lxeccoms.exe
    O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe

    --
    End of file - 8687 bytes
     
  6. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,657
    First Name:
    Frank
    Did you have any trouble with completing all of the instructions in post #48 and post #49?

    How is that computer running now?

    ---------------------------------------------------------
     
  7. kellyarmstrong

    kellyarmstrong Thread Starter

    Joined:
    May 15, 2012
    Messages:
    148
    No, No problems with those that I can see anyhow.
    I do have a? though. I downloaded malware byte, super anti spyware and the new high jack app. there is a pc optimizer pro that keeps popping up. Without going through all the posts did i have to run the free version of this before? it never popped up like it does now and I'm not paying for it. I don't remember downloading that app.
     
  8. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,657
    First Name:
    Frank
    PC Optimizer is associated with AVG, which I refuse to install and use in any computer.

    Are you willing to get rid of AVG and then replace it with the lighter and more user-friendly Microsoft Security Essentials 4.1.522.0?

    ---------------------------------------------------------
     
  9. kellyarmstrong

    kellyarmstrong Thread Starter

    Joined:
    May 15, 2012
    Messages:
    148
    I only used AVG because it was recommended years ago and I just always used it. I also used adaware and other malware downloads that are probably no longer around or better ones are out there, like what you had me download.
    I was going to download the link but how do I know if it's 32 or 64 bit? All I know is I have vista. After downloading it, do I just go to my programs and uninstall avg? If I do will that other program uninstall too or do I have to do that separate? I WARNED you I'm a beginner when it comes to all this stuff.
     
  10. kellyarmstrong

    kellyarmstrong Thread Starter

    Joined:
    May 15, 2012
    Messages:
    148
    oh, and BTW, years ago I was talked out of IE (which I have a very old version, the new one won't update for some reason) and talked into safari. Is that still a good browser or is there another I should be downloading. I know it's just opinions, but I want a user friendly updated one. Thanks
     
  11. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,657
    First Name:
    Frank
    Do the following in the order listed:

    Download and save Microsoft Security Essentials 4.1.522.0(32-bit)

    Note: Select the green "Download latest version" link.

    Download and save AVG Remover 2013.2706

    Note: Select the "Download @ Author's Site" link.

    Go to Control Panel - Programs And Features, then uninstall AVG 2013

    Allow it to remove all quarantine files and logs.

    Restart the computer.

    Run the AVG removal tool.

    Allow it to remove everything that's associated with AVG.

    Restart the computer.

    Install MSE.

    Allow it to update its definition files.

    If it starts running a scan, you can cancel it.

    -------------------------------------------------------

    I'm strictly an Internet Explorer 9 user, but I occasionally use Firefox.

    I've never used Safari or Chrome or any other browser, so I can't really comment on them.

    -------------------------------------------------------

    I've been on here on and off for most of the day, in-between working on a laptop, so I'm shutting down for the night.

    I'll check back with you in the morning. (y)

    -------------------------------------------------------
     
  12. kellyarmstrong

    kellyarmstrong Thread Starter

    Joined:
    May 15, 2012
    Messages:
    148
    OK, I performed all the information you gave. When I went to the step uninstall avg in programs, it wasn't there, so I had to miss that step. I'm assuming because I deleted it in the remover you link you gave me above. It didn't delete the pc optimizer pro. Didn't you say that I don't need it and it installed with avg? Also, should I delete safari since I upgraded IE? I also see there is chrome, which I never use. I must not have had the newest version because there were a few things I coudn't do, but they work now. Let me know if there is anything else I need to do or if I need to give you any information. Thanks
     
  13. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,657
    First Name:
    Frank
    Have you downloaded and saved and run the AVG removal tool?

    Have you downloaded and saved and installed Microsoft Security Essentials?

    Is PC Optimizer Pro listed in Control Panel - Programs And Features?

    --------------------------------------------------------

    If you don't need or use Safari or Chrome, uninstall them.

    --------------------------------------------------------
     
  14. kellyarmstrong

    kellyarmstrong Thread Starter

    Joined:
    May 15, 2012
    Messages:
    148
    OK, they are now uninstalled. Hopefully that's all. Yes,the PC optimizer was in the control panel, so I deleted it. Thanks a bunch. Does everything look good now?
     
  15. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,657
    First Name:
    Frank
    It sounds like you're getting impatient or frustrated or both.

    ----------------------------------------------------------------

    Start HiJackThis, then click "Do a system scan and save a log file".

    Save the new log that appears, then copy-and-paste the entire log here.

    ----------------------------------------------------------------
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1084829

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice