1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Funmood has really messed up things..

Discussion in 'Virus & Other Malware Removal' started by Roseya28, Jul 4, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. Roseya28

    Roseya28 Thread Starter

    Joined:
    Jul 1, 2012
    Messages:
    8
    Funmood installed on my computor while I was downloading a vehicle manual and now things are really messed up. I have gone to tools and changed my default setting and deleted Funmood from there. I have also gone to internet options and reset internet options, I deleted Funmood from my programs and still it pops up. Also now I am receiving messages of "Multiple threat detection", its a window that pops up listing files that are threats. I have gone to the files indicated and deleted them but more seem to be created daily that replace the deleted ones. I do not know how to proceed. Please help me.. I am not very computor savy so I hope this is what is needed to help.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 12:58:17 AM, on 7/4/2012
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16446)
    Boot mode: Normal
    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\WINDOWS\System32\igfxpers.exe
    C:\Program Files\SelectRebates\SelectRebates.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\Owner\Downloads\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=fm...0FyDyDtAtN0D0TzutBtDtCtBtDyBtDtC&cr=814285469
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=fm...0FyDyDtAtN0D0TzutBtDtCtBtDyBtDtC&cr=814285469
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Elf 1 Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files\Elf_1\tbElf_.dll
    O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
    O2 - BHO: Elf 1.12 - {38542454-dfb6-44f5-b052-d4e071a3d073} - C:\Program Files\Elf_1.12\prxtbElf2.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
    O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~1\Funmoods\1.5.23.22\bh\escort.dll (file missing)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: ShopAtHomeIEHelper - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
    O3 - Toolbar: ShopAtHome.com Toolbar - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
    O3 - Toolbar: Elf 1.12 Toolbar - {38542454-dfb6-44f5-b052-d4e071a3d073} - C:\Program Files\Elf_1.12\prxtbElf2.dll
    O3 - Toolbar: Elf 1 Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files\Elf_1\tbElf_.dll
    O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~1\Funmoods\1.5.23.22\escorTlbr.dll (file missing)
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SelectRebates] C:\Program Files\SelectRebates\SelectRebates.exe
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
    O4 - HKCU\..\Run: [SPMTray] "C:\Program Files\PC Speed Maximizer\SPMTray.exe"
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
    O4 - Global Startup: MRI_DISABLED
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} (Photo Upload Plugin Class) - http://fredmeyer.pnimedia.com/upload/activex/v3_0_0_2/PhotoCenter_ActiveX_Control.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: KodakDigitalDisplayService - Orb Networks, Inc. - C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.1.121\McCHSvc.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
    --
    End of file - 9357 bytes

    End of file - 9357 bytes
    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_32
    Run by Owner at 1:04:14 on 2012-07-04
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2038.832 [GMT -7:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\WINDOWS\System32\igfxpers.exe
    C:\Program Files\SelectRebates\SelectRebates.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\WINDOWS\System32\notepad.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://start.funmoods.com/?f=1&a=fmtoby&chnl=fmtoby&cd=2XzutAtN2Y1L1QzutDtDtC0C0B0FyEyBtB0DtA0A0FyDyDtAtN0D0TzutBtDtCtBtDyBtDtC&cr=814285469
    uSearch Bar = Preserve
    mStart Page = hxxp://start.funmoods.com/?f=1&a=fmtoby&chnl=fmtoby&cd=2XzutAtN2Y1L1QzutDtDtC0C0B0FyEyBtB0DtA0A0FyDyDtAtN0D0TzutBtDtCtBtDyBtDtC&cr=814285469
    mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
    uInternet Settings,ProxyOverride = *.local
    mURLSearchHooks: Elf 1.12 Toolbar: {38542454-dfb6-44f5-b052-d4e071a3d073} - c:\program files\elf_1.12\prxtbElf2.dll
    mURLSearchHooks: Elf 1 Toolbar: {22e03916-85c5-44b0-8dc9-1830c11238d9} - c:\program files\elf_1\tbElf_.dll
    mURLSearchHooks: H - No File
    BHO: Elf 1 Toolbar: {22e03916-85c5-44b0-8dc9-1830c11238d9} - c:\program files\elf_1\tbElf_.dll
    BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
    BHO: Elf 1.12 Toolbar: {38542454-dfb6-44f5-b052-d4e071a3d073} - c:\program files\elf_1.12\prxtbElf2.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
    BHO: Funmoods Helper Object: {75ebb0aa-4214-4cb4-90ec-e3e07ecd04f7} - c:\progra~1\funmoods\1.5.23.22\bh\escort.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: ShopAtHomeIEHelper Class: {e8daaa30-6caa-4b58-9603-8e54238219e2} - c:\program files\selectrebates\toolbar\ShopAtHomeToolbar.dll
    TB: ShopAtHome.com Toolbar: {98279c38-de4b-4bcf-93c9-8ec26069d6f4} - c:\program files\selectrebates\toolbar\ShopAtHomeToolbar.dll
    TB: Elf 1.12 Toolbar: {38542454-dfb6-44f5-b052-d4e071a3d073} - c:\program files\elf_1.12\prxtbElf2.dll
    TB: Elf 1 Toolbar: {22e03916-85c5-44b0-8dc9-1830c11238d9} - c:\program files\elf_1\tbElf_.dll
    TB: Funmoods Toolbar: {a4c272ec-ed9e-4ace-a6f2-9558c7f29ef3} - c:\progra~1\funmoods\1.5.23.22\escorTlbr.dll
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    uRun: [HLBackupScheduler] c:\program files\verizon v cast media manager\V CAST Backup Scheduler.exe
    uRun: [SPMTray] "c:\program files\pc speed maximizer\SPMTray.exe"
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [SelectRebates] c:\program files\selectrebates\SelectRebates.exe
    mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
    mRun: [<NO NAME>]
    mRun: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
    mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
    mRun: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.1.121\SSScheduler.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mri_di~1\adober~1.lnk - c:\program files\adobe\reader 8.0\reader\reader_sl.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mri_di~1\adober~2.lnk - c:\program files\adobe\reader 8.0\reader\AdobeCollabSync.exe
    uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} - hxxp://fredmeyer.pnimedia.com/upload/activex/v3_0_0_2/PhotoCenter_ActiveX_Control.cab
    TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{704FD937-485D-451D-9B6C-5E6F3A3F122B} : DhcpNameServer = 68.87.69.150 68.87.85.102
    TCP: Interfaces\{88BF0478-8BF4-4304-86F5-E82CFB3E1628} : DhcpNameServer = 75.75.75.75 75.75.76.76
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
    Notify: igfxcui - igfxdev.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\j34qzvy5.default\
    FF - prefs.js: browser.search.selectedEngine - Search
    FF - prefs.js: browser.startup.homepage - hxxp://start.funmoods.com/?f=1&a=fmtoby&chnl=fmtoby&cd=2XzutAtN2Y1L1QzutDtDtC0C0B0FyEyBtB0DtA0A0FyDyDtAtN0D0TzutBtDtCtBtDyBtDtC&cr=814285469
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\windows\system32\npdeployJava1.dll
    FF - plugin: c:\windows\system32\npmproxy.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: extensions.funmoods.hmpg - true
    FF - user.js: extensions.funmoods.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=fmtoby&chnl=fmtoby&cd=2XzutAtN2Y1L1QzutDtDtC0C0B0FyEyBtB0DtA0A0FyDyDtAtN0D0TzutBtDtCtBtDyBtDtC&cr=814285469
    FF - user.js: extensions.funmoods.dfltSrch - true
    FF - user.js: extensions.funmoods.srchPrvdr - Search
    FF - user.js: extensions.funmoods.dnsErr - true
    FF - user.js: extensions.funmoods_i.newTab - true
    FF - user.js: extensions.funmoods.newTabUrl - hxxp://start.funmoods.com/?f=2&a=fmtoby&chnl=fmtoby&cd=2XzutAtN2Y1L1QzutDtDtC0C0B0FyEyBtB0DtA0A0FyDyDtAtN0D0TzutBtDtCtBtDyBtDtC&cr=814285469
    FF - user.js: extensions.funmoods.tlbrSrchUrl -
    FF - user.js: extensions.funmoods.id - 2006f553000000000000001cbf472d3a
    FF - user.js: extensions.funmoods.instlDay - 15522
    FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
    FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
    FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2213:22:1
    FF - user.js: extensions.funmoods.prtnrId - funmoods
    FF - user.js: extensions.funmoods.prdct - funmoods
    FF - user.js: extensions.funmoods.aflt - fmtoby
    FF - user.js: extensions.funmoods_i.smplGrp - none
    FF - user.js: extensions.funmoods.tlbrId - base
    FF - user.js: extensions.funmoods.instlRef - fmtoby
    FF - user.js: extensions.funmoods.dfltLng -
    FF - user.js: extensions.funmoods.excTlbr - false
    FF - user.js: extensions.funmoods.autoRvrt - false
    FF - user.js: extensions.funmoods.envrmnt - production
    FF - user.js: extensions.funmoods.isdcmntcmplt - true
    FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
    .
    FF - user.js: extensions.autoDisableScopes - 14
    .
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-4-30 5106744]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2010-2-5 21504]
    R2 KodakDigitalDisplayService;KodakDigitalDisplayService;c:\program files\kodak\digital display\orbkodaklauncher\DllStartupService.exe [2009-5-14 98304]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
    R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-23 257224]
    S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [2006-7-30 580992]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.1.121\McCHSvc.exe [2010-9-2 227232]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2012-07-04 06:26:12 -------- d-----w- c:\users\owner\Documents(515)
    2012-07-02 19:37:21 -------- d-----w- c:\users\owner\New Folder
    2012-07-02 15:14:12 -------- d-----w- c:\users\owner\appdata\roaming\SpeedMaxPc
    2012-07-02 15:14:12 -------- d-----w- c:\users\owner\appdata\roaming\DriverCure
    2012-07-02 15:14:02 -------- d-----w- c:\programdata\SpeedMaxPc
    2012-07-02 07:27:04 -------- d-----w- c:\users\owner\appdata\roaming\BabylonToolbar
    2012-07-02 07:26:59 -------- d-----w- c:\program files\BabylonToolbar
    2012-07-02 07:26:45 -------- d-----w- c:\users\owner\appdata\roaming\Babylon
    2012-07-02 07:26:45 -------- d-----w- c:\programdata\Babylon
    2012-07-01 22:41:30 -------- d-----w- c:\users\owner\appdata\local\Macromedia
    2012-07-01 20:48:07 6762896 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{ae4a026b-6d2d-42f1-beb5-1106e8802264}\mpengine.dll
    2012-07-01 20:23:12 -------- d-----w- c:\programdata\Tarma Installer
    2012-07-01 20:23:02 -------- d-----w- c:\program files\PC Speed Maximizer
    2012-07-01 20:22:04 -------- d-----w- c:\users\owner\appdata\local\Google
    2012-07-01 04:01:39 592824 ----a-w- c:\program files\mozilla firefox\gkmedias.dll
    2012-07-01 04:01:39 44472 ----a-w- c:\program files\mozilla firefox\mozglue.dll
    2012-06-26 19:37:09 -------- d-----w- c:\users\owner\appdata\roaming\AVG
    2012-06-26 18:17:55 -------- d-----w- c:\users\owner\appdata\roaming\TuneUp Software
    2012-06-26 18:17:46 -------- d-----w- c:\programdata\TuneUp Software
    2012-06-26 18:17:41 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
    2012-06-23 16:23:01 2422272 ----a-w- c:\windows\system32\wucltux.dll
    2012-06-23 16:22:45 88576 ----a-w- c:\windows\system32\wudriver.dll
    2012-06-21 01:11:33 33792 ----a-w- c:\windows\system32\wuapp.exe
    2012-06-21 01:11:33 171904 ----a-w- c:\windows\system32\wuwebv.dll
    2012-06-12 21:13:40 984064 ----a-w- c:\windows\system32\crypt32.dll
    2012-06-12 21:13:40 98304 ----a-w- c:\windows\system32\cryptnet.dll
    2012-06-12 21:13:40 133120 ----a-w- c:\windows\system32\cryptsvc.dll
    2012-06-12 21:13:27 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-06-12 21:13:26 2045440 ----a-w- c:\windows\system32\win32k.sys
    2012-06-07 04:29:20 476960 ----a-w- c:\windows\system32\npdeployJava1.dll
    .
    ==================== Find3M ====================
    .
    2012-06-11 23:50:47 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-06-11 23:50:47 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-06-07 04:29:09 472864 ----a-w- c:\windows\system32\deployJava1.dll
    2012-05-17 22:45:37 1800192 ----a-w- c:\windows\system32\jscript9.dll
    2012-05-17 22:35:47 1129472 ----a-w- c:\windows\system32\wininet.dll
    2012-05-17 22:35:39 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-05-17 22:29:45 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2012-05-17 22:24:45 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2012-04-19 11:50:26 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys
    2012-04-19 03:56:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2012-04-19 03:56:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
    .
    ============= FINISH: 1:05:20.89 ===============
    DDS (Ver_2011-08-26.01)
    .
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 11/21/2007 2:34:52 AM
    System Uptime: 7/4/2012 12:19:56 AM (1 hours ago)
    .
    Motherboard: Wistron | | 30CD
    Processor: Intel(R) Core(TM)2 Duo CPU T5250 @ 1.50GHz | U2E1 | 1500/667mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 225 GiB total, 156.441 GiB free.
    D: is FIXED (NTFS) - 8 GiB total, 1.853 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP420: 6/14/2012 12:12:51 PM - Scheduled Checkpoint
    RP421: 6/15/2012 7:02:08 PM - Scheduled Checkpoint
    RP422: 6/16/2012 11:57:19 AM - Scheduled Checkpoint
    RP423: 6/17/2012 9:40:50 AM - Scheduled Checkpoint
    RP424: 6/19/2012 9:15:00 AM - Windows Update
    RP425: 6/20/2012 11:09:32 AM - Scheduled Checkpoint
    RP426: 6/20/2012 6:11:00 PM - Windows Update
    RP428: 6/23/2012 9:22:06 AM - Windows Update
    RP429: 6/25/2012 8:00:28 PM - Scheduled Checkpoint
    RP430: 6/26/2012 4:27:28 PM - Scheduled Checkpoint
    RP431: 6/28/2012 7:57:47 AM - Scheduled Checkpoint
    RP432: 6/29/2012 10:34:16 AM - Scheduled Checkpoint
    RP433: 6/30/2012 9:00:13 PM - Removed TuneUp Utilities 2012
    RP434: 6/30/2012 9:01:33 PM - Removed TuneUp Utilities Language Pack (en-US)
    RP435: 7/1/2012 9:49:01 AM - Removed iTunes
    RP436: 7/1/2012 9:51:50 AM - Removed iTunes
    RP437: 7/1/2012 1:47:24 PM - Windows Update
    RP438: 7/1/2012 2:18:01 PM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
    RP439: 7/1/2012 2:32:38 PM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
    RP440: 7/2/2012 11:16:19 AM - Scheduled Checkpoint
    RP441: 7/3/2012 4:00:02 PM - Scheduled Checkpoint
    RP442: 7/4/2012 12:12:21 AM - Restore Operation
    .
    ==== Installed Programs ======================
    .
    Activation Assistant for the 2007 Microsoft Office suites
    ActiveCheck component for HP Active Support Library
    Adobe Flash Player 11 ActiveX
    Adobe Reader 8
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ArcSoft Print Creations
    ArcSoft Print Creations - Album Page
    ArcSoft Print Creations - Funhouse
    ArcSoft Print Creations - Greeting Card
    ArcSoft Print Creations - Photo Book
    ArcSoft Print Creations - Photo Calendar
    ArcSoft Print Creations - Scrapbook
    ArcSoft Print Creations - Slimline Card
    AVG 2012
    BlazePhoto 2.0
    Bonjour
    CCScore
    Conexant HD Audio
    Coupon Printer for Windows
    Elf 1 Toolbar
    Elf 1.12 Toolbar
    ESSBrwr
    ESSCDBK
    ESScore
    ESSgui
    ESSini
    ESSPCD
    ESSTOOLS
    essvatgt
    ESU for Microsoft Vista
    ffdshow [rev 2527] [2008-12-19]
    HDAUDIO Soft Data Fax Modem with SmartCP
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Active Support Library
    HP Active Support Library 32 bit components
    HP Customer Experience Enhancements
    HP Doc Viewer
    HP Easy Setup - Frontend
    HP Help and Support
    HP Photosmart Essential 2.0
    HP Photosmart Essential2.5
    HP Quick Launch Buttons 6.20 B1
    HP QuickPlay 3.2
    HP Update
    HP User Guides 0060
    HP Wireless Assistant
    HPAsset component for HP Active Support Library
    HPNetworkAssistant
    Intel Matrix Storage Manager
    Intel(R) Graphics Media Accelerator Driver
    Java Auto Updater
    Java(TM) 6 Update 32
    Java(TM) SE Runtime Environment 6
    KEDDS
    kgcbaby
    kgchday
    kgchlwn
    kgcinvt
    kgckids
    kgcmove
    kgcvday
    Kodak EasyShare software
    LightScribe 1.4.136.1
    Malwarebytes Anti-Malware version 1.61.0.1400
    Marvell Miniport Driver
    McAfee Security Scan Plus
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Office 2000 Professional
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Works
    Mozilla Firefox 11.0 (x86 en-US)
    MSCU for Microsoft Vista
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    muvee autoProducer 6.0
    My HP Games
    netbrdg
    NetWaiting
    OfotoXMI
    OVT Scanner X86
    Photo Viewer 3.10 (with Outlook Sync)
    PSSWCORE
    QuickTime
    Rhapsody
    Rhapsody Player Engine
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
    Roxio Activation Module
    Roxio Creator Audio
    Roxio Creator Basic v9
    Roxio Creator Copy
    Roxio Creator Data
    Roxio Creator EasyArchive
    Roxio Creator Tools
    Roxio Express Labeler 3
    Roxio MyDVD Basic v9
    SAMSUNG USB Driver for Mobile Phones
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    SFR
    SHASTA
    ShopAtHome.com Toolbar
    skin0001
    SKINXSDK
    staticcr
    Touch Pad Driver
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    VPRINTOL
    WIRELESS
    .
    ==== Event Viewer Messages From Past Week ========
    .
    7/4/2012 12:22:48 AM, Error: Service Control Manager [7022] - The CyberLink Background Capture Service (CBCS) service hung on starting.
    7/4/2012 12:22:48 AM, Error: Service Control Manager [7001] - The CyberLink Task Scheduler (CTS) service depends on the CyberLink Background Capture Service (CBCS) service which failed to start because of the following error: After starting, the service hung in a start-pending state.
    7/4/2012 12:22:05 AM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    7/4/2012 12:04:17 AM, Error: Service Control Manager [7022] - The KodakDigitalDisplayService service hung on starting.
    7/4/2012 12:02:50 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel(R) Matrix Storage Event Monitor service to connect.
    7/4/2012 12:02:50 AM, Error: Service Control Manager [7000] - The Intel(R) Matrix Storage Event Monitor service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    7/2/2012 8:41:18 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the IPsec Policy Agent service to connect.
    7/2/2012 8:41:18 AM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    7/2/2012 12:19:39 PM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
    7/1/2012 2:34:56 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the szserver service.
    7/1/2012 2:29:46 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: is3srv
    7/1/2012 12:11:33 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
    6/30/2012 7:13:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Adobe Flash Player Update Service service to connect.
    6/30/2012 7:13:45 PM, Error: Service Control Manager [7000] - The Adobe Flash Player Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    6/30/2012 2:29:30 PM, Error: ACPI [10] - ACPI: ACPI BIOS is attempting to write to an illegal PCI Operation Region (0x5), Please contact your system vendor for technical assistance.
    6/29/2012 5:43:00 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
    .
    ==== End Of File ===========================
     
  2. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,659
    Do the following in the order that they're listed.

    DON'T use the computer while each scan is in progress.

    --------------------------------------------------------

    Download and save and then install the free version of

    Malwarebytes Anti-Malware
    (It appears to already be installed. If it's not, reinstall it.)

    SUPERAntiSpyware

    Make sure to update their definition files during the install process.

    Make sure to uncheck and decline to install any extras, such as toolbars and homepages, they may offer.

    After they're installed and updated, restart the computer.

    -------------------------------------------------------

    Start Malwarebytes Anti-Malware.

    Click "Scanner(tab) - Perform quick scan - Scan".

    If infections or problems are found during the scan, the number of them will be highlighted in red.

    When the scan is finished, click "Show Results".

    Make sure that EVERYTHING is selected, then click "Remove Selected".

    If you're prompted to restart to finish the removal process, click "Yes".

    Start Malwarebytes Anti-Malware again.

    Click "Logs"(tab).

    Highlight the scan log entry, then click "Open".

    When the scan log appears in Notepad, copy-and-paste it here.

    -------------------------------------------------------

    Start SUPERAntiSpyware.

    Select the "Quick Scan" option, then click "Scan your Computer".

    If infections or problems are found during the scan, a list will appear and the number of them will be highlighted in red.

    When the scan is finished and the scan summary window appears, click "Continue".

    Make sure that EVERYTHING in the list is selected, then click "Remove Threats".

    Click "OK - Finish".

    If you're prompted to restart to finish the removal process, do so.

    Start SUPERAntiSpyware again.

    Click "View Scan Logs".

    Highlight the scan log entry, then click "View Selected Log".

    When the scan log appears in Notepad, copy-and-paste it here.

    -------------------------------------------------------
     
  3. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,659
    The ONLY scan log that's needed is the most current one - which I've copied and pasted here.

    Click the orange Edit link in post #3, then click the Delete button, then select Delete Message, then click the Delete This Message button.

    -----------------------------------------------------------

    Malwarebytes Anti-Malware 1.61.0.1400
    www.malwarebytes.org
    Database version: v2012.07.04.05
    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Owner :: OWNER-PC [administrator]
    7/4/2012 10:16:52 AM
    mbam-log-2012-07-04 (10-16-52).txt
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 224676
    Time elapsed: 7 minute(s), 55 second(s)
    Memory Processes Detected: 0
    (No malicious items detected)
    Memory Modules Detected: 0
    (No malicious items detected)
    Registry Keys Detected: 22
    HKCR\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully.
    HKCR\funmoods.funmoodsHlpr.1 (PUP.FunMoods) -> Quarantined and deleted successfully.
    HKCR\funmoods.funmoodsHlpr (PUP.FunMoods) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully.
    HKCR\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCR\escort.escortIEPane.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCR\escort.escortIEPane (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCR\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCR\funmoods.dskBnd.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCR\funmoods.dskBnd (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCR\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCR\funmoodsApp.appCore.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCR\funmoodsApp.appCore (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCR\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKCR\f (PUP.Funmoods) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Quarantined and deleted successfully.
    Registry Values Detected: 2
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Data: Funmoods Toolbar -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Data: -> Quarantined and deleted successfully.
    Registry Data Items Detected: 0
    (No malicious items detected)

    ------------------------------------------------------------
     
  4. Roseya28

    Roseya28 Thread Starter

    Joined:
    Jul 1, 2012
    Messages:
    8
    OK this is the logs from the SuperAntiSpyware..WOW lots more stuff..
    I think I got it all. While I was going through the different scans the message Multiple Threat Detection came up many times. I just closed the box and continued with the scans. Thanks for your time.

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com
    Generated 07/04/2012 at 11:13 AM
    Application Version : 5.5.1006
    Core Rules Database Version : 8845
    Trace Rules Database Version: 6657
    Scan type : Quick Scan
    Total Scan Time : 00:08:36
    Operating System Information
    Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
    UAC On - Limited User (Administrator User)
    Memory items scanned : 771
    Memory threats detected : 1
    Registry items scanned : 29166
    Registry threats detected : 22
    File items scanned : 9281
    File threats detected : 86
    Adware.ShopAtHomeSelect
    HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
    HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\InprocServer32
    HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\InprocServer32#ThreadingModel
    HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\ProgID
    HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\Programmable
    HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\TypeLib
    HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\VersionIndependentProgID
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4b58-9603-8E54238219E2}
    HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
    HKCR\ToolBand.ShopAtHomeIEHelper.1
    HKCR\ToolBand.ShopAtHomeIEHelper.1\CLSID
    HKCR\ToolBand.ShopAtHomeIEHelper
    HKCR\ToolBand.ShopAtHomeIEHelper\CLSID
    HKCR\ToolBand.ShopAtHomeIEHelper\CurVer
    HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}
    HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0
    HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\0
    HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\0\win32
    HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\FLAGS
    HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\HELPDIR
    C:\PROGRAM FILES\SELECTREBATES\TOOLBAR\SHOPATHOMETOOLBAR.DLL
    HKU\S-1-5-21-2137073662-1921749246-275238053-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
    Adware.ShopAtHome/SelectRebates
    [SelectRebates] C:\PROGRAM FILES\SELECTREBATES\SELECTREBATES.EXE
    C:\PROGRAM FILES\SELECTREBATES\SELECTREBATES.EXE
    C:\PROGRAM FILES\SELECTREBATES\SELECTREBATES.EXE
    Adware.SelectRebates
    C:\Program Files\SELECTREBATES\FFToolbar\chrome.manifest
    C:\Program Files\SELECTREBATES\FFToolbar\defaults\preferences\sahtoolbar.js
    C:\Program Files\SELECTREBATES\FFToolbar\defaults\preferences
    C:\Program Files\SELECTREBATES\FFToolbar\defaults
    C:\Program Files\SELECTREBATES\FFToolbar\install.rdf
    C:\Program Files\SELECTREBATES\FFToolbar
    C:\Program Files\SELECTREBATES\SelectAlerts.dat
    C:\Program Files\SELECTREBATES\SelectRebates.ini
    C:\Program Files\SELECTREBATES\SelectRebatesA.dat
    C:\Program Files\SELECTREBATES\SelectRebatesApi.exe
    C:\Program Files\SELECTREBATES\SelectRebatesB.dat
    C:\Program Files\SELECTREBATES\SelectRebatesBT.dat
    C:\Program Files\SELECTREBATES\SelectRebatesDownload.exe
    C:\Program Files\SELECTREBATES\SelectRebatesUninstall.exe
    C:\Program Files\SELECTREBATES\SRebates.dll
    C:\Program Files\SELECTREBATES\SRFF3.dll
    C:\Program Files\SELECTREBATES\Toolbar\Basis.xml.dym
    C:\Program Files\SELECTREBATES\Toolbar\ImageCache
    C:\Program Files\SELECTREBATES\Toolbar\RightControls.dym
    C:\Program Files\SELECTREBATES\Toolbar
    C:\Program Files\SELECTREBATES
    C:\Windows\Prefetch\SELECTREBATESDOWNLOAD.EXE-726CA745.pf
    Adware.Tracking Cookie
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\TQAX3HVI.txt [ /stopzilla.com ]
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\2B3NAC7A.txt [ /www.stopzilla.com ]
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\GTEK5443.txt [ /apmebf.com ]
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\LV2FOA9N.txt [ /at.atwola.com ]
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\CS3I143Z.txt [ /stats.paypal.com ]
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\1G6DNLC0.txt [ /doubleclick.net ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZWYZP5BY.txt [ [email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\MYT8B1LL.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\3JYIUDM8.txt [ [email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\95TXFALP.txt [ [email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\L8B0OENY.txt [ [email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\ANM9J7DI.txt [ [email protected]/pagead/conversion/1026649162/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\TXJQDZLQ.txt [ [email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\P9G9G15L.txt [ [email protected]/pagead/conversion/964178336/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\V7JUPEJK.txt [ [email protected]/pagead/conversion/950659976/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\2S9Y9N7I.txt [ [email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\RECUBYT3.txt [ [email protected]/
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\J28SOL1Y.txt [ [email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\L71VFBQJ.txt [ [email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\LJJU31HM.txt [ [email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\SU240VW6.txt [ [email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\KN7SL0NN.txt [ [email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ [email protected]/discount-travel/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\TQ4UWHSI.txt [ [email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\USSJFIRZ.txt [ Cookie:eek:[email protected]/pagead/conversion/1024255334/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\1K9UE3NU.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\TKAZQGLW.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\5K4E9J4H.txt [ Cookie:eek:[email protected]/pagead/conversion/986880666/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\YWXAP3UW.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\05WYO0OL.txt [ Cookie:eek:[email protected]/pagead/conversion/1032882166/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\4MM10760.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\FGRDV6JZ.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\MDGXFA6I.txt [ Cookie:eek:[email protected]/hc/90456188 ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\OINUVPAG.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\3JD1VL6Y.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\QZ0OPGY5.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\FPYXXMNN.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\PAKQ0OCI.txt [ Cookie:eek:[email protected]/adserving ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\H65LPHYV.txt [ Cookie:eek:[email protected]/mywebsearch/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\GBSN2803.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\WOVMI5E0.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q9ND40WZ.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\WJ4UINJJ.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\E6CI4SO7.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\NZ4PDKUP.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\D5DQXF7Z.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\V7OQXPB5.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\7EGI8FPG.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\HMRIVY1T.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\VSPHZ5H9.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\ORTBL5NQ.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\LA0M151J.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\8ANLCF51.txt [ Cookie:eek:[email protected]/ ]
    .doubleclick.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J34QZVY5.DEFAULT\COOKIES.SQLITE ]
    C:\USERS\OWNER\Cookies\TQAX3HVI.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\Cookies\2B3NAC7A.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\Cookies\CS3I143Z.txt [ Cookie:eek:[email protected]/ ]
    C:\USERS\OWNER\Cookies\1G6DNLC0.txt [ Cookie:eek:[email protected]/ ]
    PUP.MyWebSearch
    C:\USERS\OWNER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KS350W1D\hp.home-base[1].js [ cache:mywebsearch.com ]
    C:\USERS\OWNER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QTIDDLNI\unified[1].css [ cache:mywebsearch.com ]
    C:\USERS\OWNER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\413I1JSJ\mws-oasis-compressed[1].js [ cache:mywebsearch.com ]
    C:\USERS\OWNER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KPKRYDIP\hp.home-base[1].js [ cache:mywebsearch.com ]
     
  5. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,659
    Please read the top-most part of post #4 and make sure to delete all of post #3 as instructed.

    Did you allow the SUPERAntiSpyware scan to finish, and did you select and remove EVERYTHING it found?

    You should've been prompted to restart the computer after each scan so the removal process could finish.

    ----------------------------------------------------------
     
  6. Roseya28

    Roseya28 Thread Starter

    Joined:
    Jul 1, 2012
    Messages:
    8
    Here is the top of post 4..
    Yes I allowed the scans to complete and I restarted the computer after each scan.

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com
    Generated 07/04/2012 at 11:13 AM
    Application Version : 5.5.1006
    Core Rules Database Version : 8845
    Trace Rules Database Version: 6657
    Scan type : Quick Scan
    Total Scan Time : 00:08:36
    Operating System Information
    Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
    UAC On - Limited User (Administrator User)
    Memory items scanned : 771
    Memory threats detected : 1
    Registry items scanned : 29166
    Registry threats detected : 22
    File items scanned : 9281
    File threats detected : 86
     
  7. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,659
    I don't know why you submitted the top portion of your SUPERAntiSpyware log, but thanks for deleting post #3 with all those old Malwarebytes logs.

    ------------------------------------------------------------

    Start HijackThis, then click "Do a system scan and save a log file".

    Save the new log that appears, then copy-and-paste it here.

    ------------------------------------------------------------
     
  8. Roseya28

    Roseya28 Thread Starter

    Joined:
    Jul 1, 2012
    Messages:
    8
    Log file from Hijackthis

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 12:24:01 PM, on 7/5/2012
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16446)
    Boot mode: Normal
    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Apoint2K\Apoint.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\WINDOWS\System32\igfxpers.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
    C:\Users\Owner\Downloads\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=fm...0FyDyDtAtN0D0TzutBtDtCtBtDyBtDtC&cr=814285469
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=fm...0FyDyDtAtN0D0TzutBtDtCtBtDyBtDtC&cr=814285469
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Elf 1 Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files\Elf_1\tbElf_.dll
    O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
    O2 - BHO: Elf 1.12 - {38542454-dfb6-44f5-b052-d4e071a3d073} - C:\Program Files\Elf_1.12\prxtbElf2.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: ShopAtHome.com Toolbar - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (file missing)
    O3 - Toolbar: Elf 1.12 Toolbar - {38542454-dfb6-44f5-b052-d4e071a3d073} - C:\Program Files\Elf_1.12\prxtbElf2.dll
    O3 - Toolbar: Elf 1 Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files\Elf_1\tbElf_.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
    O4 - HKCU\..\Run: [SPMTray] "C:\Program Files\PC Speed Maximizer\SPMTray.exe"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
    O4 - Global Startup: MRI_DISABLED
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} (Photo Upload Plugin Class) - http://fredmeyer.pnimedia.com/upload/activex/v3_0_0_2/PhotoCenter_ActiveX_Control.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: KodakDigitalDisplayService - Orb Networks, Inc. - C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.1.121\McCHSvc.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
    --
    End of file - 8986 bytes
     
  9. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,659
    Start HiJackThis, then click "Do a system scan only".

    When the scan is finished in about 30 - 60 seconds, put a checkmark in these log entries:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=fmt...C&cr=814285469

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=fmt...C&cr=814285469

    O2 - BHO: Elf 1 Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files\Elf_1\tbElf_.dll

    O2 - BHO: Elf 1.12 - {38542454-dfb6-44f5-b052-d4e071a3d073} - C:\Program Files\Elf_1.12\prxtbElf2.dl

    O3 - Toolbar: ShopAtHome.com Toolbar - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (file missing)

    O3 - Toolbar: Elf 1.12 Toolbar - {38542454-dfb6-44f5-b052-d4e071a3d073} - C:\Program Files\Elf_1.12\prxtbElf2.dll

    O3 - Toolbar: Elf 1 Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files\Elf_1\tbElf_.dll

    O4 - HKCU\..\Run: [SPMTray] "C:\Program Files\PC Speed Maximizer\SPMTray.exe"

    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?


    After you confirm that you selected the CORRECT log entries, click "Fix Checked - Yes".

    Close HiJackThis, then restart the computer.

    ---------------------------------------------------------

    Go to Control Panel - Programs And Features, then uninstall

    Elf 1 Toolbar

    Elf 1.12 Toolbar

    Java(TM) SE Runtime Environment 6

    McAfee Security Scan Plus

    PC Speed Maximizer

    ShopAtHome.com Toolbar


    If you don't use LightScribe for creating and burning labels on discs, uninstall it too.

    After you're all done, restart the computer.

    ---------------------------------------------------------

    Start HiJackThis, then click "Do a system scan and save a log file".

    Save the new log that appears, then copy-and-paste it here.

    ---------------------------------------------------------
     
  10. Roseya28

    Roseya28 Thread Starter

    Joined:
    Jul 1, 2012
    Messages:
    8
    Copy of log file for Hijackthis...I did not find LightScribe in the program list so I could not delete it. Also the same messages "Multiple Threat Detection" are popping up.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 7:04:31 PM, on 7/5/2012
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16446)
    Boot mode: Normal
    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Apoint2K\Apoint.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\WINDOWS\System32\igfxpers.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\Owner\Downloads\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: ShopAtHome.com Toolbar - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (file missing)
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: MRI_DISABLED
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_32.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_32.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} (Photo Upload Plugin Class) - http://fredmeyer.pnimedia.com/upload/activex/v3_0_0_2/PhotoCenter_ActiveX_Control.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: KodakDigitalDisplayService - Orb Networks, Inc. - C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
    --
    End of file - 8313 bytes
     
  11. Roseya28

    Roseya28 Thread Starter

    Joined:
    Jul 1, 2012
    Messages:
    8
    I also received this message when I was registering on a website...

    Our server has detected the presence of multiple IP connections from your machine, with one of the connections being an "Open Proxy" or blacklisted IP. Connections of this nature are often used in order to abuse, spam or defraud and are being recorded for legal use. Our server has denied you any further access until both IP addresses can be resolved or the presence of the Open Proxy connection closed.
     
  12. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,659
    You've got issues that are beyond my expertise, so I've requested a gold/blue shield removal specialist to jump in to help you.

    ------------------------------------------------------------
     
  13. Roseya28

    Roseya28 Thread Starter

    Joined:
    Jul 1, 2012
    Messages:
    8
    Thank you for the time you spent with me. I do appreciate it. Have a great day.
     
  14. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,659
    Just something for you to remember and be aware of in the future.

    The install of a new program or the update of a currently-installed program will usually give you the option of unchecking and declining to install any extras, such as toolbars and homepages and scanners.

    Read each window carefully that appears during the install/update process and don't blindly accept the default option.

    That's how those unneeded and problematic extras accumulate in a computer and start causing problems.

    -----------------------------------------------------
     
  15. Roseya28

    Roseya28 Thread Starter

    Joined:
    Jul 1, 2012
    Messages:
    8
    Thanks for the advice and I found out the hard way. But I know now.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1059619