[Vickeye]

which "it's"? the registry search?

Yep, the registry search. I don't really get what Dave Taylor means by 'keys', I'm really not computer literate at all.

[Advertisements]

keys are what show up in that registry search...let's take a step back and try a couple of other things

first try this http://support.microsoft.com/kb/910654 (just the first set of steps)
report any errors

second check in c:\program files and tell me if there are any other folders there related to AV software

[dsenette]

keys are what show up in that registry search...let's take a step back and try a couple of other things

first try this http://support.microsoft.com/kb/910654 (just the first set of steps)
report any errors

second check in c:\program files and tell me if there are any other folders there related to AV software

[happyrock]

you could also try Windows Installer CleanUp Utility go here to get it...
instructions are here..

Edited by happyrock, 10 September 2008 - 07:52 AM.

[dsenette]

and once you do those steps go here and download the Windows Installer Cleanup Utility package and run it according to the MS instructions...

<----take that rick (heheheh i called him rick)

[happyrock]

ease up monkeyman...its rock...

Edited by happyrock, 10 September 2008 - 07:57 AM.

[Vickeye]

keys are what show up in that registry search...let's take a step back and try a couple of other things

first try this http://support.microsoft.com/kb/910654 (just the first set of steps)
report any errors

second check in c:\program files and tell me if there are any other folders there related to AV software

Ok, done the first bit and couldn't see any errors. Did a search in programme files for AV software and can't find anything.

[dsenette]

try installing AVG again

[Vickeye]

It still says there's another antivirus thing in the system. The only thing I can now find is a pop-up blocker, surely it's not that?!

[happyrock]

click on start...run...type in msconfig...press enter...click on startup tab...
uncheck everything ...if its a laptop you have to be careful about what you uncheck or your touch pad and wireless and things like that will not function for you..
google each start up item to decide if you need it to load with windows...unchecking them does not remove them ..they are still available to use...

[Vickeye]

Does 'winssnotify' mean anything to anyone?

[dsenette]

quick bit here....with your limited computer knowledge it might be better to just start in safe mode instead of doing the MSConfig steps since you're not going to be able to really tell what to keep and what not to keep

however...for this issue that may not resolve things yet since there MIGHT still be part of another AV running on your system which will just cause further conflicts...let's try to clear that up before we try to force AVG in

to get into safe mode: While starting your computer tap the F8 key once every second during the memory count up, or during the system spash screen where you see the system maker's name (HP, COMPAQ, DELL....etc.)

This will result in a text based menu. Use the curors/arrorw keys to navigate to SAFE MODE and hit enter.


but first

Lets take a look at what is starting up when your computer does. Please download HiJackThis, install it, and double-click on the HiJackThis.exe icon. On the first screen click on Open the Misc Tools Section...On the next screen, click on the Generate StartupList log button and post a copy of the log here. You need not check either of the boxes next to this button

[sari]

The winssnotify is still part of Windows Onecare; the anti-virus that won't die. Let's see what comes up in the startup list.

[dsenette]

also on the misc tab in HJT click on the "open uninstall manager" button and press the "save list" button...safe that file somewhere then copy the contents with your next post

[Vickeye]

Ok, here it is:

StartupList report, 10/09/2008, 15:44:57
StartupList version: 1.52.2
Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v7.00 (7.00.6000.16705)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
Picture Package VCD Maker.lnk = ?
Picture Package Menu.lnk = ?

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = userinit.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

NeroCheck = C:\WINDOWS\System32\\NeroCheck.exe
LtMoh = C:\Program Files\ltmoh\Ltmoh.exe
HotKeysCmds = C:\WINDOWS\System32\hkcmd.exe
BJCFD = C:\Program Files\BroadJump\Client Foundation\CFD.exe
AGRSMMSG = AGRSMMSG.exe
TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
OneCareUI = "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
vddbad7e = RUNDLL32.EXE w001e1b5.dll,n 001bad7d0000000a001e1b5

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
msnmsgr = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=
SCRNSAVE.EXE=C:\WINDOWS\AQUATI~1.SCR
drivers=

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - (no file) - {1AB50067-BAAD-C573-82F3-C06930FB8694}
WormRadar.com IESiteBlocker.NavFilter - C:\Program Files\AVG\AVG8\avgssie.dll (file missing) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
(no name) - (no file) - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3}
(no name) - (no file) - {7E853D72-626A-48EC-A868-BA8D5E23E045}
(no name) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}

--------------------------------------------------

Enumerating Task Scheduler jobs:

AppleSoftwareUpdate.job
Symantec NetDetect.job
MP Scheduled Quick Scan.job

--------------------------------------------------

Enumerating Download Program Files:

[QuickTime Object]
InProcServer32 = C:\Program Files\QuickTime\QTPlugin.ocx
CODEBASE = http://www.apple.com...ex/qtplugin.cab

[{62475759-9E84-458E-A1AB-5D2C442ADFDE}]
CODEBASE = http://a1540.g.akama...meInstaller.exe

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx
CODEBASE = http://fpdownload.ma...ent/swflash.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #4: C:\Program Files\Bonjour\mdnsNSP.dll

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll
WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll

--------------------------------------------------
End of report, 5,584 bytes
Report generated in 0.120 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

[dsenette]

did you ever have symantec antivirus installed?