Author Topic: Funmoods (not fun at all): can't remove -- Help please.  (Read 1955 times)

0 Members and 1 Guest are viewing this topic.

Offline bobby bear

  • Jr. Member
  • **
  • Posts: 5
    • View Profile
Funmoods (not fun at all): can't remove -- Help please.
« on: December 30, 2012, 01:45:01 AM »
Alohas,

 :sos: Every time I think I've got rid of Funmoods, it pops back up randomly and I feel.... violated (ugghh)!  :thud: I believe I contracted Funmoods while soliciting an attractive free zip-reader.  I removed Funmoods from Firefox and Explorer but occasionally it still pops up when opening a new search.  I found an online forum that said to check out Landzdown and post the results of AdwCleaner:

# AdwCleaner v2.104 - Logfile created 12/29/2012 at 19:12:31
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : bobbybear - BOBBYBEAR-PC
# Boot Mode : Normal
# Running from : C:\Users\bobbybear\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\bobbybear\AppData\Local\funmoods.crx
File Found : C:\Users\bobbybear\AppData\Local\funmoods-speeddial_sf.crx
File Found : C:\Users\bobbybear\AppData\Roaming\Mozilla\Firefox\Profiles\1uxn4vff.default\searchplugins\Askcom.xml
File Found : C:\Users\bobbybear\AppData\Roaming\Mozilla\Firefox\Profiles\1uxn4vff.default\searchplugins\funmoods.xml
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\ProgramData\Ask
Folder Found : C:\Users\bobbybear\AppData\LocalLow\AskToolbar
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-US)

File : C:\Users\bobbybear\AppData\Roaming\Mozilla\Firefox\Profiles\1uxn4vff.default\prefs.js

Found : user_pref("browser.search.defaultengine", "Ask.com");
Found : user_pref("browser.search.defaultenginename", "Ask.com");
Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("extensions.asktb.ff-original-keyword-url", "");
Found : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_u[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\bobbybear\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4635 octets] - [29/12/2012 19:08:12]
AdwCleaner[R2].txt - [4808 octets] - [29/12/2012 19:12:31]

########## EOF - C:\AdwCleaner[R2].txt - [4868 octets] ##########


So, Funmoods is in there (my registry?) at the top and any help removing it would be profoundly appreciated!

Big Alohas,
Bobby

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 14480
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Funmoods (not fun at all): can't remove -- Help please.
« Reply #1 on: December 30, 2012, 12:25:32 PM »
Hi, Bobby.  Welcome to LandzDown Forum.

We will do our best to assist you.  However, in order to do so, please follow all instructions provided in the sequence given.  Do not install/re-install any programs or run any fixes or scanners that you have not been instructed to use.  This may cause conflicts with the tools being used in the cleanup process.   

If you have questions regarding any of the instructions or problems running any tools, please let us know.

You are so right -- Funmoods is not fun but if you stick with me, I'm sure we can obliterate it.

1.  Please rescan with AdwCleaner.
  • Double-click AdwCleaner.exe to run the tool.
  • Click Delete.
  • Everything that was found will be deleted.
  • Save any open files and approve the reboot.  A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
Note: The log can also be found at C:\AdwCleaner[XX].txt where XX denotes the number of times the application has been run, i.e., S1

2.  Please download Junkware Removal Tool to your desktop.
  • Disable your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it.  If you are using Windows Vista or Seven, right-mouse click it and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

3.  Please provide a copy of the logs in the Log Posting Instructions topic.

Note:  Due to the number of logs, it may take more than one reply for all to post.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline bobby bear

  • Jr. Member
  • **
  • Posts: 5
    • View Profile
Re: Funmoods (not fun at all): can't remove -- Help please.
« Reply #2 on: December 31, 2012, 01:59:31 AM »
 :mitch: Thank you so much for your help Corrine -- so incredibly kind/good!!!  :Hammys pint:

# AdwCleaner v2.104 - Logfile created 12/30/2012 at 19:41:11
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : bobbybear - BOBBYBEAR-PC
# Boot Mode : Normal
# Running from : C:\Users\bobbybear\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\bobbybear\AppData\Local\funmoods.crx
File Deleted : C:\Users\bobbybear\AppData\Local\funmoods-speeddial_sf.crx
File Deleted : C:\Users\bobbybear\AppData\Roaming\Mozilla\Firefox\Profiles

\1uxn4vff.default\searchplugins\Askcom.xml
File Deleted : C:\Users\bobbybear\AppData\Roaming\Mozilla\Firefox\Profiles

\1uxn4vff.default\searchplugins\funmoods.xml
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\bobbybear\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy

\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-

154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-

4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-

405B-85AF-466F52E918B0}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes

\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-

502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-

4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-

160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-

3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-

E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions

\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights

\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer

\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall

\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-

18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-

6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar

[{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-US)

File : C:\Users\bobbybear\AppData\Roaming\Mozilla\Firefox\Profiles\1uxn4vff.default

\prefs.js

Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?

client=ff&src=kw&tb=ORJ&o=&locale=&apn_u[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\bobbybear\AppData\Local\Google\Chrome\User Data\Default\Preferences



[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4635 octets] - [29/12/2012 19:08:12]
AdwCleaner[R2].txt - [4927 octets] - [29/12/2012 19:12:31]
AdwCleaner[S1].txt - [4962 octets] - [30/12/2012 19:41:11]

########## EOF - C:\AdwCleaner[S1].txt - [5022 octets] ##########

Big Alohas,
Bobby

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 14480
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Funmoods (not fun at all): can't remove -- Help please.
« Reply #3 on: December 31, 2012, 01:08:05 PM »
Hi, Bobby.

Although AdwCleaner appears to have removed Funmoods, there may be leftovers that need to be addressed.  Please see my additional instructions in the post above.

Thank you.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline bobby bear

  • Jr. Member
  • **
  • Posts: 5
    • View Profile
Re: Funmoods (not fun at all): can't remove -- Help please.
« Reply #4 on: January 02, 2013, 07:41:58 PM »
Hello Corrine,

 :smiley:(I'll post logs in the  Log Posting Instructions next.) I couldn't figure out how to disable AVG -- should I temporarily remove AVG?  Here's the results from the junk-ware removal tool:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.3.2 (12.29.2012:3)
OS: Windows 7 Home Premium x64
Ran by bobbybear on Wed 01/02/2013 at 12:59:49.55
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 01/02/2013 at 13:25:03.31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Thank you so much!  How can I buy you beer?  :Hammys pint:

Offline bobby bear

  • Jr. Member
  • **
  • Posts: 5
    • View Profile
Funmoods elimination (with Corine)!!
« Reply #5 on: January 02, 2013, 08:14:06 PM »
Hello,

Following are two of the three files requested to be posted -- the third file says to "zip it up" before posting, but I don't know how to zip anything up except for trousers.....  :blink:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457  BrowserJavaVersion: 10.7.2
Run by bobbybear at 13:54:52 on 2013-01-02
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.1771.893 [GMT -8:00]
.
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\system32\CxAudMsg64.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\msfeedssync.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://acer.msn.com
uDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRunOnce: [Application Restart #2] C:\Program Files (x86)\Windows Live\Mail\wlmail.exe /mailurl:"mailto:dx4rg-3131085313@sale.craigslist.org?subject=TREK%20ROAD%20BIKE-%20Single%20Speed%20-%20%24260%20(oakland%20lake%20merritt%20%2F%20grand)&body=%0A%0Ahttp%3A%2F%2Fsfbay.craigslist.org%2Feby%2Fbik%2F3131085313.html%0A"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{2740BAA0-FEA6-4196-8D04-539E8FE2A6F6} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{2740BAA0-FEA6-4196-8D04-539E8FE2A6F6}\14E64627F696461405 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{2740BAA0-FEA6-4196-8D04-539E8FE2A6F6}\3416665602D41646279646023223 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{2740BAA0-FEA6-4196-8D04-539E8FE2A6F6}\3616665627573747963616 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{2740BAA0-FEA6-4196-8D04-539E8FE2A6F6}\5465D40224143594E40223 : DHCPNameServer = 192.168.3.1 192.168.1.254 68.94.156.1
TCP: Interfaces\{2740BAA0-FEA6-4196-8D04-539E8FE2A6F6}\5465D4E4022533 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{2740BAA0-FEA6-4196-8D04-539E8FE2A6F6}\E4141405 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{900D72B3-9BE0-474A-B242-BB3D473EBBB9} : DHCPNameServer = 192.168.1.250
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://acer.msn.com
x64-mDefault_Page_URL = hxxp://acer.msn.com
x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\bobbybear\AppData\Roaming\Mozilla\Firefox\Profiles\1uxn4vff.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\bobbybear\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-4-19 28480]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-7-26 291680]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-8-24 384352]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2011-4-18 22912]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2011-4-18 20328]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2011-4-18 62584]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-18 203776]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-8-13 5167736]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2011-6-11 198784]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-4-18 352336]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-6-11 868224]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-4-18 244624]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 RS_Service;Raw Socket Service;C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2011-4-18 260640]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-4-18 115216]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2011-12-23 124496]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-4-18 77424]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-6-11 44672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-9-27 172912]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-4-18 250984]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-8-20 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-01-02 20:59:39   --------   d-----w-   C:\Windows\ERUNT
2013-01-02 20:59:08   --------   d-----w-   C:\JRT
2012-12-30 04:27:20   --------   d-----w-   C:\Users\bobbybear\AppData\Local\{9056B9EA-B291-4709-9BC9-3CEAD8669336}
2012-12-30 02:36:25   --------   d-----w-   C:\Users\bobbybear\AppData\Local\ElevatedDiagnostics
2012-12-30 02:36:24   --------   d-----w-   C:\Windows\pss
2012-12-24 23:49:46   --------   d-----w-   C:\Users\bobbybear\Deceber nov pianio motif #4_data
2012-12-24 23:28:39   --------   d-----w-   C:\Users\bobbybear\nov piano 2012 #2_data
2012-12-24 23:09:39   --------   d-----w-   C:\Users\bobbybear\december motiffs #2 piano_data
2012-12-24 22:38:14   --------   d-----w-   C:\Users\bobbybear\piano motiffs #3 december_data
2012-12-23 02:24:44   --------   d-----w-   C:\Users\bobbybear\my my with percussion and lead guitar_data
2012-12-21 07:22:43   46080   ----a-w-   C:\Windows\System32\atmlib.dll
2012-12-21 07:22:43   367616   ----a-w-   C:\Windows\System32\atmfd.dll
2012-12-21 07:22:43   34304   ----a-w-   C:\Windows\SysWow64\atmlib.dll
2012-12-21 07:22:42   295424   ----a-w-   C:\Windows\SysWow64\atmfd.dll
2012-12-19 20:22:51   --------   d-----w-   C:\Users\bobbybear\my my finished december 19th 2012_data
2012-12-19 19:46:28   --------   d-----w-   C:\Users\bobbybear\ring ring ring finished dec 19th 2012_data
2012-12-19 19:01:50   --------   d-----w-   C:\Users\bobbybear\miller's song -- finished dec.19th 2012_data
2012-12-13 19:28:32   --------   d-----w-   C:\Users\bobbybear\AppData\Local\MFAData
2012-12-13 19:28:32   --------   d-----w-   C:\Users\bobbybear\AppData\Local\Avg2013
2012-12-12 20:53:47   16363960   ----a-w-   C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-12-12 06:30:40   2048   ----a-w-   C:\Windows\SysWow64\tzres.dll
2012-12-12 06:30:40   2048   ----a-w-   C:\Windows\System32\tzres.dll
2012-12-12 06:30:05   3149824   ----a-w-   C:\Windows\System32\win32k.sys
2012-12-12 06:28:32   478208   ----a-w-   C:\Windows\System32\dpnet.dll
2012-12-12 06:28:32   376832   ----a-w-   C:\Windows\SysWow64\dpnet.dll
2012-12-11 19:26:07   --------   d-----w-   C:\Users\bobbybear\millers song best of 12th of dec_data
2012-12-11 19:01:09   --------   d-----w-   C:\Users\bobbybear\miller song with fucking seagull_data
2012-12-11 18:11:32   --------   d-----w-   C:\Users\bobbybear\miller's song december 12th_data
2012-12-11 05:31:17   --------   d-----w-   C:\Users\bobbybear\AppData\Local\{6A43884E-0AA6-4C7D-9621-23B3E93A4CDB}
2012-12-10 14:24:44   --------   d-----w-   C:\Users\bobbybear\millers sond dec10_data
2012-12-09 17:17:46   --------   d-----w-   C:\Users\bobbybear\millers song december 7th 2012_data
2012-12-07 23:51:00   --------   d-----w-   C:\Users\bobbybear\AppData\Local\{D395545D-D688-4D72-802F-23A52C15259E}
2012-12-07 07:40:28   2560   ----a-w-   C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-12-07 07:40:27   9728   ----a-w-   C:\Windows\System32\Wdfres.dll
2012-12-07 07:40:27   785512   ----a-w-   C:\Windows\System32\drivers\Wdf01000.sys
2012-12-07 07:40:27   54376   ----a-w-   C:\Windows\System32\drivers\WdfLdr.sys
2012-12-07 07:01:00   87040   ----a-w-   C:\Windows\System32\drivers\WUDFPf.sys
2012-12-07 07:01:00   198656   ----a-w-   C:\Windows\System32\drivers\WUDFRd.sys
2012-12-07 07:00:59   84992   ----a-w-   C:\Windows\System32\WUDFSvc.dll
2012-12-07 07:00:59   194048   ----a-w-   C:\Windows\System32\WUDFPlatform.dll
2012-12-07 07:00:56   744448   ----a-w-   C:\Windows\System32\WUDFx.dll
2012-12-07 07:00:56   45056   ----a-w-   C:\Windows\System32\WUDFCoinstaller.dll
2012-12-07 07:00:56   229888   ----a-w-   C:\Windows\System32\WUDFHost.exe
2012-12-07 06:54:26   5559664   ----a-w-   C:\Windows\System32\ntoskrnl.exe
2012-12-07 06:54:24   3914096   ----a-w-   C:\Windows\SysWow64\ntoskrnl.exe
2012-12-07 06:54:23   3968880   ----a-w-   C:\Windows\SysWow64\ntkrnlpa.exe
2012-12-07 06:53:48   1659760   ----a-w-   C:\Windows\System32\drivers\ntfs.sys
2012-12-07 06:53:27   1464320   ----a-w-   C:\Windows\System32\crypt32.dll
2012-12-07 06:53:26   184320   ----a-w-   C:\Windows\System32\cryptsvc.dll
2012-12-07 06:53:26   140288   ----a-w-   C:\Windows\SysWow64\cryptsvc.dll
2012-12-07 06:53:26   140288   ----a-w-   C:\Windows\System32\cryptnet.dll
2012-12-07 06:53:26   1159680   ----a-w-   C:\Windows\SysWow64\crypt32.dll
2012-12-07 06:53:26   103936   ----a-w-   C:\Windows\SysWow64\cryptnet.dll
2012-12-07 06:51:24   715776   ----a-w-   C:\Windows\System32\kerberos.dll
2012-12-07 06:51:24   542208   ----a-w-   C:\Windows\SysWow64\kerberos.dll
2012-12-07 06:51:21   220160   ----a-w-   C:\Windows\System32\wintrust.dll
2012-12-07 06:51:21   172544   ----a-w-   C:\Windows\SysWow64\wintrust.dll
2012-12-05 18:13:14   --------   d-----w-   C:\Users\bobbybear\never go away -- miller song_data
2012-12-05 18:12:57   --------   d-----w-   C:\Users\bobbybear\never go away_data
2012-12-04 02:58:39   --------   d-----w-   C:\Users\bobbybear\AppData\Local\{C6B00090-55E5-4390-945C-A043A9FEADED}
.
==================== Find3M  ====================
.
2012-12-12 21:17:31   73656   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 21:17:31   697272   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-14 06:11:44   2312704   ----a-w-   C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11   1392128   ----a-w-   C:\Windows\System32\wininet.dll
2012-11-14 06:02:49   1494528   ----a-w-   C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46   599040   ----a-w-   C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35   173056   ----a-w-   C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40   2382848   ----a-w-   C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22   1800704   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15   1427968   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37   1129472   ----a-w-   C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25   142848   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27   420864   ----a-w-   C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42   2382848   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2012-10-16 08:38:37   135168   ----a-w-   C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34   350208   ----a-w-   C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52   561664   ----a-w-   C:\Windows\apppatch\AcLayers.dll
2012-10-09 18:17:13   55296   ----a-w-   C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13   226816   ----a-w-   C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31   44032   ----a-w-   C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31   193536   ----a-w-   C:\Windows\SysWow64\dhcpcore6.dll
2012-10-06 16:57:39   95208   ----a-w-   C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-06 16:57:37   821736   ----a-w-   C:\Windows\SysWow64\npDeployJava1.dll
2012-10-06 16:57:37   746984   ----a-w-   C:\Windows\SysWow64\deployJava1.dll
.
============= FINISH: 13:56:16.17 ===============
 Results of screen317's Security Check version 0.99.56 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 9 
``````````````Antivirus/Firewall Check:``````````````[/u]
 Windows Firewall Enabled! 
AVG Internet Security 2012   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````[/u]
 Java 7 Update 7 
 Java version out of Date!
 Adobe Flash Player 11.5.502.135 
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox (15.0)
````````Process Check: objlist.exe by Laurent````````[/u] 
 AVG avgwdsvc.exe
 AVG avgtray.exe
 Symantec Norton Online Backup NOBuAgent.exe 
`````````````````System Health check`````````````````[/u]
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````[/u]

Big Alohas,
Bobby

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 14480
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Funmoods (not fun at all): can't remove -- Help please.
« Reply #6 on: January 02, 2013, 11:12:15 PM »
Hi, Bobby.

Thanks for the beer.  :) 

Although you didn't post a copy of attach.txt, from the looks of your logs, you are indeed rid of Funmoods.   You can delete the Junk Removal Tool from your desktop and do the following to uninstall AdwCleaner:

Please do the following to uninstall AdwCleaner.
  •   Double-click AdwCleaner.exe to run the tool.
  •   Click Uninstall
  •   Confirm with yes
A major source of infection these days is third-party programs, particularly Java and Adobe products.  From the SecurityCheck log, it does not appear that you have any of the leftover Java version 6 or old on your computer but you do need to update Java to the current release.  It is severely out of date.  Please get the latest update to Oracle Java from here:  http://java.com/en/download/manual_v6.jsp

Next comes Adobe Reader which is currently at version XI.  If you choose to continue using Adobe Reader, you can get the latest version here:  Download Adobe Reader.  Personally, I switched to Sumatra PDF several years ago and found it works great.

Finally, Firefox is currently at version 17.0.1.  You can easily update by clicking "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox." 

Having a firewall, anti-virus and anti-malware software are not enough.  You also need to stay current with security updates.  If you don't have your computer set to automatically install the Microsoft Security Updates, please check for updates now. 

To check if your system is missing security updates or has insecure applications, install Secunia Personal Software Inspector or, alternatively, visit http://secunia.com/software_inspector/ .  The Secunia Software Inspector runs through your browser with no installation or download required and does the following:
  • Detects insecure versions of applications installed
  • Verifies that all Microsoft patches are applied
  • Assists you in updating your system and applications

My favorite security software is WinPatrol which includes the features described at http://www.winpatrol.com/features.html

Please confirm that you computer is back to "normal" and let me know if you have any questions.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 14480
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Funmoods (not fun at all): can't remove -- Help please.
« Reply #7 on: January 03, 2013, 12:13:56 PM »
Hi, Bobby.

There is one other thing I meant to mention.  I noticed you use Windows Live Mesh.  Please note that Microsoft is merging SkyDrive and Mesh into a single product.  As a result, Microsoft will retire Mesh on February 13, 2013. After this date, some Mesh functions, such as remote desktop and peer to peer sync, will no longer be available and any data on the Mesh cloud, called Mesh synced storage or SkyDrive synced storage, will be removed. The folders you synced with Mesh will stop syncing, and you will not be able to connect to your PCs remotely using Mesh.

For information on transitioning to SkyDrive, please see SkyDrive for Mesh customers - Microsoft Windows.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline bobby bear

  • Jr. Member
  • **
  • Posts: 5
    • View Profile
Re: Funmoods (not fun at all): can't remove -- Help please.
« Reply #8 on: January 07, 2013, 08:58:23 PM »

Hello Corinne!

 :mitch: All systems now updated and working great -- haven't seen funmoods (*gasp* just typing/reading the word freaks me out a little...) and my PC is functioning as fast as ever!!  I can't thank you enough for your guidance, suggestions, everything. Please let me know if I can repay your kindness and support landzdown.com in any way!  :dance:

Biggest Alohas,
Bobby

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 14480
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Funmoods (not fun at all): can't remove -- Help please.
« Reply #9 on: January 08, 2013, 06:08:04 PM »
Hi, Bobby.

I'm very happy to know that everything is now working as expected. 

As to supporting LandzDown, we are all volunteers and hosting is taken care of.  However, in lieu of a donation to LandzDown, you could do something -- purchase a licensed security software program you've been wanting (i.e., perhaps WinPatrol PLUS) or make a donation to your favorite charity or drop off a treat at your local volunteer firehouse, thanking them for what they do.

Happy New Year, Bobby!


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.