Solve : Too many Internet Explorers.?

1.	Solve : Too many Internet Explorers.?
Answer» Hi, Since a couple of days , I've been having this PROBLEM, when I login my IE automatically comes up(Thats not a problem though cause its like the Advertisement window for my ISP) I always close it and open firefox but these days when I close it so many IE windows open up one after the other , I close them through Task Manager but its very annoying ,Is there anything I can do about it? Thanks.You may be infected... Download HijackThis: http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download Click on Download HijackThis Installer Post HijackTHis log.Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:13:36 AM, on 4/28/2008 Platform: Windows XP SP2, v.2096 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2096) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\SERVICES.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Comodo\Firewall\CPF.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Veoh Networks\Veoh\VeohClient.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\Comodo\Firewall\cmdagent.exe C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\OfficeScan Client\Misc\xpupg.exe C:\Program Files\Sify Broadband\BBClient.exe C:\Program Files\Trend Micro\OfficeScan Client\pccntupd.exe C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe C:\WINDOWS\TEMP\WH700A.EXE C:\Program Files\Sify Broadband\BBImpSec.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R3 - URLSearchHook: (no NAME) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL O1 - Hosts: 203.27.235.25 www.payseal.icicibank.com O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [SifyBB] C:\Program Files\Sify Broadband\BBImpSec.exe O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{E7A9FCE5-A2FA-45D5-993C-A623B5B9CEDF}: NameServer = 202.144.13.50,202.144.66.6 O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe -- End of file - 5067 bytes Already had this trend micro Hijackthis installed on my computer so I just used that instead. You have couple of nasties there, but... First of all, you have two AV programs running: AVG, and TrendMicro OfficeScan Client One has to go. Let me know. Ivy, Ivy, didn't I tell you in the past, to ask around, before installing some serious programs? Bad, bad girl Sorry but I didn't know I was unaware that any of my programs are serious, what are they, just so that I know. Here is my sad story. My ISP provide with Trend micro on giving the connection but it is good for nothing and my computer used to get infected, so I uninstalled it but then this MESSAGE would come up saying I cannot connect to internet cause I dont have an antivirus and the only option was to download their recommended trend micro, so I got this Idea , I installed trendmicro and then downloaded AVG and now as soon as I turn on my pc I unload (exit)trendmicro and AVG runs properly. i can't even uninstall trendmicro cause my ISP detects it and says I need to use their recommended antivirus or else I have to buy an antivirus , I wont do that cause I like AVG one month trials. What shall I do? Quote as I turn on my pc I unload (exit)trendmicro It's not that easy, because, as I can see from HJT, number of TrendMicro services are running, and this is causing conflict with AVG. For now, I see no other option, but uninstalling AVG. Then you may want to call your ISP, and ask them what is the way around this problem. When you uninstall AVG, post new HJT log.waaaaaaaa Yes Sir! I'll just do that and post the log. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:10:42 AM, on 4/28/2008 Platform: Windows XP SP2, v.2096 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2096) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe C:\Program Files\Comodo\Firewall\CPF.exe C:\Program Files\Veoh Networks\Veoh\VeohClient.exe C:\Program Files\Comodo\Firewall\cmdagent.exe C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Sify Broadband\BBClient.exe C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe C:\WINDOWS\TEMP\AC4F20.EXE C:\Program Files\Sify Broadband\BBImpSec.exe C:\Program Files\Trend Micro\OfficeScan Client\TSC.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL O1 - Hosts: 203.27.235.25 www.payseal.icicibank.com O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background O4 - HKCU\..\Run: [SifyBB] C:\Program Files\Sify Broadband\BBImpSec.exe O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{E7A9FCE5-A2FA-45D5-993C-A623B5B9CEDF}: NameServer = 202.144.13.50,202.144.66.6 O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe -- End of file - 4149 bytes Oh Nooooooo!!!!! Broni I just realized that Trend Micro has a firewall(just for name sake , its actually useless) and I'm using comodo as well , thats gonna make another conflict!!!!!!! When I was using just trend micro my comp got really badly infected, I had to reformat so many times till I finally got Comodo. * You may consider upgrading your IE to version 7. Safer. * What Java version is reported here: http://www.java.com/en/download/installed.jsp Update, if necessary, and uninstall older versions through Add\Remove * Go to Add\Remove, and uninstall AskPBar 1. Print this post out, since you won't have an access to it, at some point.** 2. Close all windows, except for HijackThis. 3. Put a checkmark next to the following HijackThis entries (some entries will be checkmarked to disable unnecessary startups; in those cases (marked with ), no actual program will be removed): - R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL - O1 - Hosts: 203.27.235.25 www.payseal.icicibank.com - O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) - O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL - O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) - O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL - O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL - O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe - O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide 4. Click on Fix checked* button. 5. Restart your computer in Safe Mode (keep tapping F8 key, when your computer starts, until menu appears) 6. Open Windows Explorer. Go Tools>Folder Options>View tab, put a checkmark next to Show hidden files, and folders. 7. Delete following files/folders (if present): - AC4F20.EXE file from C:\WINDOWS\TEMP - AskPBar folder from C:\Program Files 8. Restart in Normal Mode. 9. Post new HijackThis log.Well. You have to uninstall Comodo, as well. Talk to your ISP.Broni I don't use IE , I use Firefox Do i still need to upgrade it? Remember the not orignal windows thing , do i still update Jave ? I'll print this in the mean time.You don't have to go to M$ to get IE7. You can get it here: http://www.softpedia.com/progDownload/Internet-Explorer-7-Download-25028.html Even, if you don't use IE, it's still on your computer, so, you should have an updated version, for security reasons. Java update is a must.Updating Java............

Answer»

Hi,
Since a couple of days , I've been having this PROBLEM, when I login my IE automatically comes up(Thats not a problem though cause its like the Advertisement window for my ISP) I always close it and open firefox but these days when I close it so many IE windows open up one after the other , I close them through Task Manager but its very annoying ,Is there anything I can do about it?

Thanks.You may be infected...

Download HijackThis:
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
Click on Download HijackThis Installer
Post HijackTHis log.Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:13:36 AM, on 4/28/2008
Platform: Windows XP SP2, v.2096 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2096)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\SERVICES.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\OfficeScan Client\Misc\xpupg.exe
C:\Program Files\Sify Broadband\BBClient.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntupd.exe
C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
C:\WINDOWS\TEMP\WH700A.EXE
C:\Program Files\Sify Broadband\BBImpSec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R3 - URLSearchHook: (no NAME) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O1 - Hosts: 203.27.235.25 www.payseal.icicibank.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [SifyBB] C:\Program Files\Sify Broadband\BBImpSec.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7A9FCE5-A2FA-45D5-993C-A623B5B9CEDF}: NameServer = 202.144.13.50,202.144.66.6
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe

--
End of file - 5067 bytes
Already had this trend micro Hijackthis installed on my computer so I just used that instead.
You have couple of nasties there, but...
First of all, you have two AV programs running: AVG, and TrendMicro OfficeScan Client
One has to go. Let me know.

Ivy, Ivy, didn't I tell you in the past, to ask around, before installing some serious programs?
Bad, bad girl Sorry but I didn't know I was unaware that any of my programs are serious, what are they, just so that I know.

Here is my sad story.

My ISP provide with Trend micro on giving the connection but it is good for nothing and my computer used to get infected, so I uninstalled it but then this MESSAGE would come up saying I cannot connect to internet cause I dont have an antivirus and the only option was to download their recommended trend micro, so I got this Idea , I installed trendmicro and then downloaded AVG and now as soon as I turn on my pc I unload (exit)trendmicro and AVG runs properly.
i can't even uninstall trendmicro cause my ISP detects it and says I need to use their recommended antivirus or else I have to buy an antivirus , I wont do that cause I like AVG one month trials.

What shall I do? Quote

as I turn on my pc I unload (exit)trendmicro

It's not that easy, because, as I can see from HJT, number of TrendMicro services are running, and this is causing conflict with AVG.
For now, I see no other option, but uninstalling AVG.
Then you may want to call your ISP, and ask them what is the way around this problem.
When you uninstall AVG, post new HJT log.waaaaaaaa

Yes Sir!

I'll just do that and post the log. Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:10:42 AM, on 4/28/2008
Platform: Windows XP SP2, v.2096 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2096)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Sify Broadband\BBClient.exe
C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
C:\WINDOWS\TEMP\AC4F20.EXE
C:\Program Files\Sify Broadband\BBImpSec.exe
C:\Program Files\Trend Micro\OfficeScan Client\TSC.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O1 - Hosts: 203.27.235.25 www.payseal.icicibank.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKCU\..\Run: [SifyBB] C:\Program Files\Sify Broadband\BBImpSec.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7A9FCE5-A2FA-45D5-993C-A623B5B9CEDF}: NameServer = 202.144.13.50,202.144.66.6
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe

--
End of file - 4149 bytes
Oh Nooooooo!!!!!

Broni I just realized that Trend Micro has a firewall(just for name sake , its actually useless) and I'm using comodo as well , thats gonna make another conflict!!!!!!!

When I was using just trend micro my comp got really badly infected, I had to reformat so many times till I finally got Comodo.

*** You may consider upgrading your IE to version 7. Safer.

*** What Java version is reported here: http://www.java.com/en/download/installed.jsp
Update, if necessary, and uninstall older versions through Add\Remove

*** Go to Add\Remove, and uninstall AskPBar

1. Print this post out, since you won't have an access to it, at some point.

2. Close all windows, except for HijackThis.

3. Put a checkmark next to the following HijackThis entries (some entries will be checkmarked to disable unnecessary startups; in those cases (marked with *), no actual program will be removed):

- R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
- O1 - Hosts: 203.27.235.25 www.payseal.icicibank.com
- O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
- O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
- O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
- O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
- O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
- *O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
- *O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

4. Click on Fix checked button.

5. Restart your computer in Safe Mode (keep tapping F8 key, when your computer starts, until menu appears)

6. Open Windows Explorer. Go Tools>Folder Options>View tab, put a checkmark next to Show hidden files, and folders.

7. Delete following files/folders (if present):

- AC4F20.EXE file from C:\WINDOWS\TEMP
- AskPBar folder from C:\Program Files

8. Restart in Normal Mode.

9. Post new HijackThis log.Well. You have to uninstall Comodo, as well.
Talk to your ISP.Broni I don't use IE , I use Firefox Do i still need to upgrade it?

Remember the not orignal windows thing , do i still update Jave ?

I'll print this in the mean time.You don't have to go to M$ to get IE7. You can get it here: http://www.softpedia.com/progDownload/Internet-Explorer-7-Download-25028.html
Even, if you don't use IE, it's still on your computer, so, you should have an updated version, for security reasons.

Java update is a must.Updating Java............

Solve : Too many Internet Explorers.?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment