Author Topic: lap top getting strange messages on start up (Read 505 times)

mymadelynn · « **on:** December 04, 2011, 12:21:38 AM »

NLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 08/01/2009 9:38:31 AM
System Uptime: 03/12/2011 4:29:36 PM (4 hours ago)
.
Motherboard: Wistron | | 360B
Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz | CPU | 2166/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 140 GiB total, 77.806 GiB free.
D: is FIXED (NTFS) - 9 GiB total, 1.674 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0011
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #8
PNP Device ID: ROOT\*6TO4MP\0011
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0013
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #9
PNP Device ID: ROOT\*6TO4MP\0013
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0030
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #20
PNP Device ID: ROOT\*6TO4MP\0030
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0057
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #42
PNP Device ID: ROOT\*6TO4MP\0057
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0064
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #47
PNP Device ID: ROOT\*6TO4MP\0064
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0065
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #48
PNP Device ID: ROOT\*6TO4MP\0065
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0079
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #60
PNP Device ID: ROOT\*6TO4MP\0079
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0085
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #65
PNP Device ID: ROOT\*6TO4MP\0085
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0092
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #70
PNP Device ID: ROOT\*6TO4MP\0092
Service: tunnel
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart Prem C410 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart Prem C410 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.3
Adobe Shockwave Player
Adobe Shockwave Player 11.6
Atheros Driver Installation Program
µTorrent
AVG 2012
AVG PC Tuneup 2011
AVS DVD Player version 2.4
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.3
BufferChm
C410
Cards_Calendar_OrderGift_DoMorePlugout
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Conduit Engine
Conexant HD Audio
Coupon Printer for Windows
CourseSmart Bookshelf
CyberLink DVD Suite
CyberLink YouCam
Destinations
DeviceDiscovery
DocProc
ESU for Microsoft Vista
Facebook Plug-In
Fax
Google Chrome
Google Earth
Google Update Helper
GPBaseService2
HDAUDIO Soft Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Customer Participation Program 14.0
HP Doc Viewer
HP DVD Play 3.7
HP Easy Setup - Frontend
HP Help and Support
HP Imaging Device Functions 14.0
HP Photo Creations
HP Photosmart Essential 2.5
HP Photosmart Prem C410 All-In-One Driver Software 14.0 Rel. 7
HP Quick Launch Buttons 6.40 F1
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Total Care Advisor
HP Update
HP User Guides 0121
HP Wireless Assistant
HPAppStudio
HPAsset component for HP Active Support Library
HPNetworkAssistant
HPPhotoGadget
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabel_Tattoo
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotoSmartPhotobookHolidayPack1
HPPhotoSmartPhotobookModernPack1
HPPhotoSmartPhotobookPlayfulPack1
HPPhotoSmartPhotobookScrapbookPack1
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
Integrated Webcam Driver (1.00.03.0720)
Intel(R) Graphics Media Accelerator Driver
Java(TM) 6 Update 13
Java(TM) 6 Update 5
LabelPrint
Malwarebytes' Anti-Malware
MarketResearch
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Default Manager
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Ultimate 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox (3.6.24)
MSN Toolbar
MSN Toolbar Platform
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.1
My HP Games
NetWaiting
Network
Norton Security Scan
OCR Software by I.R.I.S. 14.0
Power2Go
PowerDirector
PS_AIO_07_C410_SW_Min
PSSWCORE
QuickPlay SlingPlayer 0.4.6
QuickTransfer
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek USB 2.0 Card Reader
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Shop for HP Supplies
SmartWebPrinting
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 8
Status
swMSM
Synaptics Pointing Device Driver
Toolbox
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
uTorrentBar Toolbar
VideoToolkit01
WebReg
Windows Live ID Sign-in Assistant
Windows Media Player Firefox Plugin
Yahoo! Toolbar
Yontoo Layers Runtime 1.10.01
.
==== Event Viewer Messages From Past Week ========
.
30/11/2011 5:55:15 PM, Error: Microsoft-Windows-Dhcp-Client [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00242B41EA88. The following error occurred: The wait operation timed out.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
30/11/2011 5:54:50 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 00242B41EA88 has been denied by the DHCP server 1.1.1.1 (The DHCP Server sent a DHCPNACK message).
03/12/2011 4:46:07 PM, Error: Microsoft-Windows-LanguagePackSetup [1003] - CBS error 0x800f0825 reported while operating on UI Language Pack for fr-FR
03/12/2011 4:30:51 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
02/12/2011 7:38:55 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
01/12/2011 4:27:36 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.
.
==== End Of File ===========================
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_13
Run by Cathy at 20:15:17 on 2011-12-03
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.3002.1590 [GMT -5:00]
.
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\SMINST\BLService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=83&bd=Pavilion&pf=cnnb
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=83&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=83&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=83&bd=Pavilion&pf=cnnb
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\8.0.0.40\AVG Secure Search_toolbar.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\4.0.0357.1\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - c:\program files\yontoo layers runtime\YontooIEClient.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0357.1\npwinext.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\8.0.0.40\AVG Secure Search_toolbar.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Iemz] rundll32 "c:\users\cathy\appdata\roaming\LAPRXYQ.dll",Bvkboepehg
uRun: [Xhgk] rundll32 "c:\users\cathy\appdata\roaming\raserverf.dll",kxzqpaop
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" update "software\cyberlink\youcam\2.0"
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [MSN Toolbar] "c:\program files\msn toolbar\platform\4.0.0357.1\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: blackboard.com\gc
DPF: {7FE26BE2-B923-4B41-9834-E84DA1CC1F96} - hxxp://vsp.closetmaid.com/vsp/cmaidctl_vsp.closetmaid.com_downloader.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
TCP: DhcpNameServer = 207.164.234.193 207.164.234.129
TCP: Interfaces\{1684EF36-DE5D-4BBF-8FA8-42C91B00171A} : DhcpNameServer = 207.164.234.193 207.164.234.129
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\8.0.1\ViProtocol.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\cathy\appdata\roaming\mozilla\firefox\profiles\8dgomc4v.default\
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff4.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff5.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff6.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff7.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff8.dll
FF - component: c:\users\cathy\appdata\roaming\mozilla\firefox\profiles\8dgomc4v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\cathy\appdata\roaming\mozilla\firefox\profiles\8dgomc4v.default\extensions\avg@toolbar\components\toolbarhomewmp.dll
FF - component: c:\users\cathy\appdata\roaming\mozilla\firefox\profiles\8dgomc4v.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\msn toolbar\platform\4.0.0357.1\npwinext.dll
FF - plugin: c:\users\cathy\appdata\roaming\facebook\npfbplugin_1_0_3.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\avg\avg2012\Firefox4
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF - Ext: Yontoo Layers: plugin@yontoo.com - %profile%\extensions\plugin@yontoo.com
FF - Ext: AVG Security Toolbar: avg@toolbar - %profile%\extensions\avg@toolbar
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2011-5-23 47968]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2012\avgfws.exe [2011-10-24 2398512]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\sminst\BLService.exe [2008-7-12 361808]
R2 vToolbarUpdater;vToolbarUpdater;c:\program files\common files\avg secure search\vtoolbarupdater\8.0.1\ToolbarUpdater.exe [2011-11-30 246624]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2008-7-12 193840]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-6-4 113664]
R3 OA004Ufd;Creative Camera OA004 Upper Filter Driver;c:\windows\system32\drivers\OA004Ufd.sys [2008-6-3 144672]
R3 OA004Vid;Creative Camera OA004 Function Driver;c:\windows\system32\drivers\OA004Vid.sys [2008-7-17 269760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-24 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-24 135664]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-12-01 22:26:39   --------   d--h--w-   C:\$AVG
2011-12-01 01:23:16   --------   d-----w-   c:\users\cathy\appdata\roaming\AVG
2011-12-01 00:58:53   --------   d-----w-   c:\users\cathy\appdata\roaming\AVG2012
2011-12-01 00:58:12   --------   d-----w-   c:\program files\common files\AVG Secure Search
2011-12-01 00:58:11   --------   d-----w-   c:\program files\AVG Secure Search
2011-12-01 00:58:06   --------   d--h--w-   c:\programdata\Common Files
2011-12-01 00:56:31   --------   d-----w-   c:\windows\system32\drivers\AVG
2011-12-01 00:56:31   --------   d-----w-   c:\programdata\AVG2012
2011-12-01 00:55:20   --------   d-----w-   c:\program files\AVG
2011-12-01 00:52:44   --------   d-----w-   c:\programdata\MFAData
2011-11-29 17:08:59   6668624   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{7b563ff9-2f50-42b1-921d-ef28d7d80a63}\mpengine.dll
2011-11-17 13:35:26   --------   d-----w-   c:\windows\Hewlett-Packard
2011-11-14 22:51:05   --------   d-----w-   c:\programdata\WEBREG
2011-11-14 22:47:49   --------   d-----w-   c:\users\cathy\appdata\local\HP
2011-11-14 22:46:22   319488   ----a-w-   c:\windows\system32\spool\prtprocs\w32x86\hpfpp101.dll
2011-11-14 22:44:36   --------   d-----w-   c:\program files\Microsoft
2011-11-14 22:44:35   --------   d-----w-   c:\program files\MSN Toolbar
2011-11-14 22:44:16   --------   d-----w-   c:\program files\MSN Toolbar Installer
2011-11-14 22:43:43   --------   d-----w-   c:\program files\Coupons
2011-11-14 22:42:53   --------   d-----w-   c:\programdata\HP Photo Creations
2011-11-14 22:42:53   --------   d-----w-   c:\program files\HP Photo Creations
2011-11-14 22:42:37   --------   d-----w-   c:\users\cathy\appdata\roaming\HpUpdate
2011-11-14 22:37:53   --------   d-----w-   c:\program files\common files\Hewlett-Packard
2011-11-14 22:36:20   970880   ----a-w-   c:\windows\system32\hpost_p04i.dll
2011-11-14 22:36:20   891520   ----a-w-   c:\windows\system32\hposwia_p04i.dll
2011-11-14 22:36:20   372736   ----a-w-   c:\windows\system32\hppldcoi.dll
2011-11-14 22:36:20   319616   ----a-w-   c:\windows\system32\hposc_p04a.dll
2011-11-14 22:35:46   452736   ----a-w-   c:\windows\system32\hpzids01.dll
2011-11-14 22:35:43   125952   ----a-w-   c:\windows\system32\hpf3l101.dll
2011-11-09 12:17:38   2409784   ----a-w-   c:\program files\windows mail\OESpamFilter.dat
2011-11-09 12:17:12   905088   ----a-w-   c:\windows\system32\drivers\tcpip.sys
2011-11-09 12:17:11   707584   ----a-w-   c:\program files\common files\system\wab32.dll
.
==================== Find3M ====================
.
2011-11-03 00:16:12   69120   --sha-r-   c:\users\cathy\appdata\roaming\raserverf.dll
2011-11-03 00:16:00   69120   --sha-r-   c:\users\cathy\appdata\roaming\LAPRXYQ.dll
2011-10-07 11:23:48   230608   ----a-w-   c:\windows\system32\drivers\avgldx86.sys
2011-10-04 11:21:16   16720   ----a-w-   c:\windows\system32\drivers\AVGIDSShim.sys
2011-09-13 11:30:10   32592   ----a-w-   c:\windows\system32\drivers\avgrkx86.sys
2011-09-06 13:30:12   2043392   ----a-w-   c:\windows\system32\win32k.sys
2011-09-06 12:55:41   404640   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 20:16:38.40 ===============

Corrine · « **Reply #1 on:** December 04, 2011, 01:46:56 AM »

Hi, mymadelynn.

I don't know how old your children are, but you need to talk to them about two things -- both Microsoft and third-party security updates and using P2P (peer-to-peer) programs. We'll deal with the needed security updates later. Following is my "lecture" regarding P2P programs:

P2P programs form a direct conduit on to your computer. They have always been a target of malware writers and are increasingly so of late. P2P security measures are easily circumvented and if your P2P program is not configured correctly, you may be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program.

With P2P file sharing, what means do you have of identifying or authenticating the source of the download? In addition, a file can be distributed among many hosts, and peers will provide for download the sections that they have already downloaded. This results in the distinct possibility of a distribution method in which malicious bits are mixed with with good files.

That said, please uninstall the following:

µTorrent
uTorrentBar Toolbar

Next, uninstall the following outdated, severely vulnerable versions of Java. After cleaning the computer, you can install the latest version:

Java(TM) 6 Update 13
Java(TM) 6 Update 5

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Please follow these instructions carefully.

Download ComboFix from one of the following locations:

Link 1
Link 2

!!! IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your antivirus and anti-malware security applications. If not disabled, these programs will likely interfere with cleanup process. This can usually be accomplished by a right-click on the icon in the System Tray.

Note: If you are unsure how to disable your security software, see the instructions in this topic at Tech Support Forum: How to disable your security applications.

Now, please run ComboFix:

Note: If infections are found, ComboFix will automatically reboot the machine to complete the removal process. Please ensure all opened windows are closed before proceeding.
Double-click ComboFix.exe on your desktop and follow the prompts.
As part of the process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it is strongly recommended to have this pre-installed on your machine before doing any malware removal. The Recovery Console will allow you to start up the computer in a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

Please note: If the Microsoft Windows Recovery Console is already installed on the computer, ComboFix will continue the malware removal procedures.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console.
When prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
After the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click "Yes" to continue scanning for malware.
When finished, a log will be produced. Please include the C:\ComboFix.txt in your next reply.

mymadelynn · « **Reply #2 on:** December 05, 2011, 02:05:10 PM »

This is the requested combi fix file for my laptop.
ComboFix 11-12-05.01 - Cathy 05/12/2011 9:48.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.3002.1977 [GMT -5:00]
Running from: c:\users\Cathy\Downloads\ComboFix.exe
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
c:\users\Cathy\Documents\~WRL0003.tmp
.
.
((((((((((((((((((((((((( Files Created from 2011-11-05 to 2011-12-05 )))))))))))))))))))))))))))))))
.
.
2011-12-05 14:54 . 2011-12-05 14:54   --------   d-----w-   c:\users\Default\AppData\Local\temp
2011-12-01 22:26 . 2011-12-01 22:26   --------   d-----w-   C:\$AVG
2011-12-01 01:23 . 2011-12-01 01:23   --------   d-----w-   c:\users\Cathy\AppData\Roaming\AVG
2011-12-01 00:58 . 2011-12-01 00:58   --------   d-----w-   c:\program files\Common Files\AVG Secure Search
2011-12-01 00:58 . 2011-12-01 00:58   --------   d-----w-   c:\program files\AVG Secure Search
2011-12-01 00:58 . 2011-12-01 00:58   --------   d--h--w-   c:\programdata\Common Files
2011-12-01 00:56 . 2011-12-05 13:35   --------   d-----w-   c:\windows\system32\drivers\AVG
2011-12-01 00:56 . 2011-12-01 01:13   --------   d-----w-   c:\programdata\AVG2012
2011-12-01 00:55 . 2011-12-01 01:22   --------   d-----w-   c:\program files\AVG
2011-12-01 00:52 . 2011-12-05 13:35   --------   d-----w-   c:\programdata\MFAData
2011-11-29 17:08 . 2011-10-07 03:48   6668624   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B563FF9-2F50-42B1-921D-EF28D7D80A63}\mpengine.dll
2011-11-17 13:35 . 2011-11-17 13:35   --------   d-----w-   c:\windows\Hewlett-Packard
2011-11-14 22:51 . 2011-11-14 22:51   --------   d-----w-   c:\programdata\WEBREG
2011-11-14 22:47 . 2011-11-14 22:47   --------   d-----w-   c:\users\Cathy\AppData\Local\HP
2011-11-14 22:47 . 2011-11-14 22:59   --------   d-----w-   c:\users\Cathy\AppData\Roaming\HP
2011-11-14 22:46 . 2010-03-10 20:23   319488   ----a-w-   c:\windows\system32\Spool\prtprocs\w32x86\hpfpp101.dll
2011-11-14 22:44 . 2011-11-14 22:44   --------   d-----w-   c:\program files\Microsoft
2011-11-14 22:44 . 2011-11-14 22:44   --------   d-----w-   c:\program files\MSN Toolbar
2011-11-14 22:44 . 2011-11-14 22:44   --------   d-----w-   c:\program files\MSN Toolbar Installer
2011-11-14 22:43 . 2011-11-14 22:43   --------   d-----w-   c:\program files\Coupons
2011-11-14 22:42 . 2011-11-14 22:42   --------   d-----w-   c:\programdata\HP Photo Creations
2011-11-14 22:42 . 2011-11-14 22:42   --------   d-----w-   c:\program files\HP Photo Creations
2011-11-14 22:42 . 2011-11-24 13:51   --------   d-----w-   c:\users\Cathy\AppData\Roaming\HpUpdate
2011-11-14 22:41 . 2011-11-14 22:41   --------   d-----w-   c:\programdata\HP Product Assistant
2011-11-14 22:37 . 2011-11-14 22:37   --------   d-----w-   c:\program files\Common Files\Hewlett-Packard
2011-11-14 22:36 . 2009-12-10 18:48   970880   ----a-w-   c:\windows\system32\hpost_p04i.dll
2011-11-14 22:36 . 2009-12-10 18:48   891520   ----a-w-   c:\windows\system32\hposwia_p04i.dll
2011-11-14 22:36 . 2009-12-10 18:48   319616   ----a-w-   c:\windows\system32\hposc_p04a.dll
2011-11-14 22:36 . 2009-10-30 04:15   372736   ----a-w-   c:\windows\system32\hppldcoi.dll
2011-11-14 22:35 . 2009-10-22 00:55   452736   ----a-w-   c:\windows\system32\hpzids01.dll
2011-11-14 22:35 . 2010-03-10 20:23   125952   ----a-w-   c:\windows\system32\hpf3l101.dll
2011-11-09 12:17 . 2011-10-17 11:41   2409784   ----a-w-   c:\program files\Windows Mail\OESpamFilter.dat
2011-11-09 12:17 . 2011-09-20 21:02   905088   ----a-w-   c:\windows\system32\drivers\tcpip.sys
2011-11-09 12:17 . 2011-09-30 15:57   707584   ----a-w-   c:\program files\Common Files\System\wab32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-29 18:21 . 2009-08-18 16:30   564632   ----a-w-   c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-11-29 18:21 . 2009-08-18 16:24   18328   ----a-w-   c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-11-03 00:16 . 2011-11-03 00:16   69120   --sha-r-   c:\users\Cathy\AppData\Roaming\raserverf.dll
2011-11-03 00:16 . 2011-11-03 00:16   69120   --sha-r-   c:\users\Cathy\AppData\Roaming\LAPRXYQ.dll
2011-10-07 11:23 . 2011-10-07 11:23   230608   ----a-w-   c:\windows\system32\drivers\avgldx86.sys
2011-10-04 11:21 . 2011-10-04 11:21   16720   ----a-w-   c:\windows\system32\drivers\AVGIDSShim.sys
2011-09-13 11:30 . 2011-09-13 11:30   32592   ----a-w-   c:\windows\system32\drivers\avgrkx86.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2011-12-01 00:58   1451336   ----a-w-   c:\program files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2011-06-30 21:49   194848   ------w-   c:\program files\Yontoo Layers Runtime\YontooIEClient.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll" [2011-12-01 1451336]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Iemz"="c:\users\Cathy\AppData\Roaming\LAPRXYQ.dll" [2011-11-03 69120]
"Xhgk"="c:\users\Cathy\AppData\Roaming\raserverf.dll" [2011-11-03 69120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-06-12 468264]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-12 202032]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 170520]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe" [2009-11-16 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-10-25 2415456]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2011-12-01 218464]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ     autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-24 135664]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-24 135664]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2011-05-23 47968]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [2011-10-25 2398512]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-04-26 361808]
S2 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [2011-12-01 246624]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-06-04 113664]
S3 OA004Ufd;Creative Camera OA004 Upper Filter Driver;c:\windows\system32\DRIVERS\OA004Ufd.sys [2008-06-03 144672]
S3 OA004Vid;Creative Camera OA004 Function Driver;c:\windows\system32\DRIVERS\OA004Vid.sys [2008-07-17 269760]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs   REG_MULTI_SZ     BthServ
LocalServiceAndNoImpersonation   REG_MULTI_SZ     FontCache
HPZ12   REG_MULTI_SZ     Pml Driver HPZ12 Net Driver HPZ12
HPService   REG_MULTI_SZ     HPSLPSVC
hpdevmgmt   REG_MULTI_SZ     hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-24 19:22]
.
2011-12-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-24 19:22]
.
2011-11-13 c:\windows\Tasks\HPCeeScheduleForCathy.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-07-12 22:14]
.
2011-10-30 c:\windows\Tasks\Norton Security Scan for Cathy.job
- c:\progra~1\NORTON~2\Engine\360~1.31\Nss.exe [2011-10-02 15:22]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=83&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=83&bd=Pavilion&pf=cnnb
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: blackboard.com\gc
TCP: DhcpNameServer = 207.164.234.193 207.164.234.129
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
FF - ProfilePath - c:\users\Cathy\AppData\Roaming\Mozilla\Firefox\Profiles\8dgomc4v.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\AVG\AVG2012\Firefox4
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF - Ext: Yontoo Layers: plugin@yontoo.com - %profile%\extensions\plugin@yontoo.com
FF - Ext: AVG Security Toolbar: avg@toolbar - %profile%\extensions\avg@toolbar
FF - user.js: yahoo.homepage.dontask - true
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
AddRemove-{889DF117-14D1-44EE-9F31-C5FB5D47F68B} - c:\progra~2\TARMAI~1\{889DF~1\Setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-05 09:58
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
Completion time: 2011-12-05 10:01:44
ComboFix-quarantined-files.txt 2011-12-05 15:01
.
Pre-Run: 83,844,874,240 bytes free
Post-Run: 83,484,344,320 bytes free
.
- - End Of File - - E8C58F8BA871740183ADAA1AADD12F69

Corrine · « **Reply #3 on:** December 05, 2011, 02:07:08 PM »

Hi, mymadelynn.

Since my instructions for your children's desktop were

Quote

Can you access the Internet at all with that computer -- either Normal Mode or Safe Mode with Networking? That will make it easier as we progress through the cleanup process. Otherwise, you will need to download the files to your desktop and then transfer them via USB. Then, transfer the resultant logs back to your computer to post here for analysis.

when you posted the logs, I merged the topics not realizing that it was your own laptop. I'll split the topics again for your children's desktop but you will need to use your laptop to transfer the logs from your children's laptop to the topic so that I can provide appropriate instructions.

Corrine · « **Reply #4 on:** December 05, 2011, 02:23:13 PM »

Posts split from merged Kids computer is so messed up I can't even download the file that I need to post

mymadelynn · « **Reply #5 on:** December 05, 2011, 02:25:44 PM »

Thanks for separating these again. Can you tell me what I'm suppose to do next.

Corrine · « **Reply #6 on:** December 05, 2011, 02:29:13 PM »

You're welcome.

I need to spend some time analyzing the provided log for your laptop before I can provide further instructions.

Corrine · « **Reply #7 on:** December 05, 2011, 03:37:59 PM »

Hi, mymadelynn.

Custom CFScript

Note: The following instructions were created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

Please open Notepad (Click Start -> Run -> type notepad in the Open field -> OK). Copy/Paste all of the text present inside the code box below:

Code: [Select]

File::
LAPRXYQ.dll
raserverf.dll

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Iemz"=-
"Xhgk"=-

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

Firefox::
FF - ProfilePath - c:\users\Cathy\AppData\Roaming\Mozilla\Firefox\Profiles\8dgomc4v.default\
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}-

Save this as CFScript.txt and place it on your desktop.
Close any open browsers.
Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.
Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

Are you still getting the "strange message" on start up? If so, please write down the message and post it in your next reply.

mymadelynn · « **Reply #8 on:** December 06, 2011, 01:29:58 PM »

ComboFix 11-12-05.01 - Cathy 06/12/2011 8:53.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.3002.2007 [GMT -5:00]
Running from: c:\users\Cathy\Downloads\ComboFix.exe
Command switches used :: c:\users\Cathy\Desktop\CFScript.txt
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-11-06 to 2011-12-06 )))))))))))))))))))))))))))))))
.
.
2011-12-06 14:00 . 2011-12-06 14:00   --------   d-----w-   c:\users\Default\AppData\Local\temp
2011-12-01 22:26 . 2011-12-01 22:26   --------   d-----w-   C:\$AVG
2011-12-01 01:23 . 2011-12-01 01:23   --------   d-----w-   c:\users\Cathy\AppData\Roaming\AVG
2011-12-01 00:58 . 2011-12-01 00:58   --------   d-----w-   c:\program files\Common Files\AVG Secure Search
2011-12-01 00:58 . 2011-12-01 00:58   --------   d-----w-   c:\program files\AVG Secure Search
2011-12-01 00:58 . 2011-12-01 00:58   --------   d--h--w-   c:\programdata\Common Files
2011-12-01 00:56 . 2011-12-06 13:03   --------   d-----w-   c:\windows\system32\drivers\AVG
2011-12-01 00:56 . 2011-12-01 01:13   --------   d-----w-   c:\programdata\AVG2012
2011-12-01 00:55 . 2011-12-01 01:22   --------   d-----w-   c:\program files\AVG
2011-12-01 00:52 . 2011-12-06 13:03   --------   d-----w-   c:\programdata\MFAData
2011-11-29 17:08 . 2011-10-07 03:48   6668624   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B563FF9-2F50-42B1-921D-EF28D7D80A63}\mpengine.dll
2011-11-17 13:35 . 2011-11-17 13:35   --------   d-----w-   c:\windows\Hewlett-Packard
2011-11-14 22:51 . 2011-11-14 22:51   --------   d-----w-   c:\programdata\WEBREG
2011-11-14 22:47 . 2011-11-14 22:47   --------   d-----w-   c:\users\Cathy\AppData\Local\HP
2011-11-14 22:47 . 2011-11-14 22:59   --------   d-----w-   c:\users\Cathy\AppData\Roaming\HP
2011-11-14 22:46 . 2010-03-10 20:23   319488   ----a-w-   c:\windows\system32\Spool\prtprocs\w32x86\hpfpp101.dll
2011-11-14 22:44 . 2011-11-14 22:44   --------   d-----w-   c:\program files\Microsoft
2011-11-14 22:44 . 2011-11-14 22:44   --------   d-----w-   c:\program files\MSN Toolbar
2011-11-14 22:44 . 2011-11-14 22:44   --------   d-----w-   c:\program files\MSN Toolbar Installer
2011-11-14 22:43 . 2011-11-14 22:43   --------   d-----w-   c:\program files\Coupons
2011-11-14 22:42 . 2011-11-14 22:42   --------   d-----w-   c:\programdata\HP Photo Creations
2011-11-14 22:42 . 2011-11-14 22:42   --------   d-----w-   c:\program files\HP Photo Creations
2011-11-14 22:42 . 2011-11-24 13:51   --------   d-----w-   c:\users\Cathy\AppData\Roaming\HpUpdate
2011-11-14 22:41 . 2011-11-14 22:41   --------   d-----w-   c:\programdata\HP Product Assistant
2011-11-14 22:37 . 2011-11-14 22:37   --------   d-----w-   c:\program files\Common Files\Hewlett-Packard
2011-11-14 22:36 . 2009-12-10 18:48   970880   ----a-w-   c:\windows\system32\hpost_p04i.dll
2011-11-14 22:36 . 2009-12-10 18:48   891520   ----a-w-   c:\windows\system32\hposwia_p04i.dll
2011-11-14 22:36 . 2009-12-10 18:48   319616   ----a-w-   c:\windows\system32\hposc_p04a.dll
2011-11-14 22:36 . 2009-10-30 04:15   372736   ----a-w-   c:\windows\system32\hppldcoi.dll
2011-11-14 22:35 . 2009-10-22 00:55   452736   ----a-w-   c:\windows\system32\hpzids01.dll
2011-11-14 22:35 . 2010-03-10 20:23   125952   ----a-w-   c:\windows\system32\hpf3l101.dll
2011-11-09 12:17 . 2011-10-17 11:41   2409784   ----a-w-   c:\program files\Windows Mail\OESpamFilter.dat
2011-11-09 12:17 . 2011-09-20 21:02   905088   ----a-w-   c:\windows\system32\drivers\tcpip.sys
2011-11-09 12:17 . 2011-09-30 15:57   707584   ----a-w-   c:\program files\Common Files\System\wab32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-29 18:21 . 2009-08-18 16:30   564632   ----a-w-   c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-11-29 18:21 . 2009-08-18 16:24   18328   ----a-w-   c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-11-03 00:16 . 2011-11-03 00:16   69120   --sha-r-   c:\users\Cathy\AppData\Roaming\raserverf.dll
2011-11-03 00:16 . 2011-11-03 00:16   69120   --sha-r-   c:\users\Cathy\AppData\Roaming\LAPRXYQ.dll
2011-10-07 11:23 . 2011-10-07 11:23   230608   ----a-w-   c:\windows\system32\drivers\avgldx86.sys
2011-10-04 11:21 . 2011-10-04 11:21   16720   ----a-w-   c:\windows\system32\drivers\AVGIDSShim.sys
2011-09-13 11:30 . 2011-09-13 11:30   32592   ----a-w-   c:\windows\system32\drivers\avgrkx86.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2011-12-01 00:58   1451336   ----a-w-   c:\program files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2011-06-30 21:49   194848   ------w-   c:\program files\Yontoo Layers Runtime\YontooIEClient.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll" [2011-12-01 1451336]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-06-12 468264]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-12 202032]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 170520]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe" [2009-11-16 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-10-25 2415456]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2011-12-01 218464]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ     autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-24 135664]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-24 135664]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2011-05-23 47968]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [2011-10-25 2398512]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-04-26 361808]
S2 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [2011-12-01 246624]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-06-04 113664]
S3 OA004Ufd;Creative Camera OA004 Upper Filter Driver;c:\windows\system32\DRIVERS\OA004Ufd.sys [2008-06-03 144672]
S3 OA004Vid;Creative Camera OA004 Function Driver;c:\windows\system32\DRIVERS\OA004Vid.sys [2008-07-17 269760]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs   REG_MULTI_SZ     BthServ
LocalServiceAndNoImpersonation   REG_MULTI_SZ     FontCache
HPZ12   REG_MULTI_SZ     Pml Driver HPZ12 Net Driver HPZ12
HPService   REG_MULTI_SZ     HPSLPSVC
hpdevmgmt   REG_MULTI_SZ     hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-24 19:22]
.
2011-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-24 19:22]
.
2011-11-13 c:\windows\Tasks\HPCeeScheduleForCathy.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-07-12 22:14]
.
2011-10-30 c:\windows\Tasks\Norton Security Scan for Cathy.job
- c:\progra~1\NORTON~2\Engine\360~1.31\Nss.exe [2011-10-02 15:22]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=83&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=83&bd=Pavilion&pf=cnnb
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: blackboard.com\gc
TCP: DhcpNameServer = 207.164.234.193 207.164.234.129
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
FF - ProfilePath - c:\users\Cathy\AppData\Roaming\Mozilla\Firefox\Profiles\8dgomc4v.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\AVG\AVG2012\Firefox4
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF - Ext: Yontoo Layers: plugin@yontoo.com - %profile%\extensions\plugin@yontoo.com
FF - Ext: AVG Security Toolbar: avg@toolbar - %profile%\extensions\avg@toolbar
FF - user.js: yahoo.homepage.dontask - true
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-06 09:00
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2011-12-06 09:02:38
ComboFix-quarantined-files.txt 2011-12-06 14:02
ComboFix2.txt 2011-12-05 15:01
.
Pre-Run: 83,890,126,848 bytes free
Post-Run: 83,863,732,224 bytes free
.
- - End Of File - - 599E2C2DEAF53C1CF8E6783B1F4943D7
I am still getting the strange error message on start up. I am also getting pop ups.

mymadelynn · « **Reply #9 on:** December 06, 2011, 01:44:30 PM »

After I ran the last script I started the shutdown the laptop twice trying to get the error message. I am no longer getting the error message since I ran the last script.

Corrine · « **Reply #10 on:** December 06, 2011, 02:11:51 PM »

Please provide an extra ComboFix report

Push the "Windows Key" + "R" (between the "Ctrl" button and "Alt" Button)
Please copy and past the following into the box:
C:\Qoobox\Add-Remove Programs.txt
click Ok

Copy and paste the report into this topic for me to review.

mymadelynn · « **Reply #11 on:** December 06, 2011, 08:06:56 PM »

Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.3
Adobe Shockwave Player
Adobe Shockwave Player 11.6
Atheros Driver Installation Program
AVG 2012
AVG PC Tuneup 2011
AVS DVD Player version 2.4
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.3
BufferChm
C410
Cards_Calendar_OrderGift_DoMorePlugout
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Conexant HD Audio
Coupon Printer for Windows
CourseSmart Bookshelf
CyberLink DVD Suite
CyberLink YouCam
Destinations
DeviceDiscovery
DocProc
ESU for Microsoft Vista
Facebook Plug-In
Fax
Google Chrome
Google Earth
Google Update Helper
GPBaseService2
HDAUDIO Soft Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Customer Participation Program 14.0
HP Doc Viewer
HP DVD Play 3.7
HP Easy Setup - Frontend
HP Help and Support
HP Imaging Device Functions 14.0
HP Photo Creations
HP Photosmart Essential 2.5
HP Photosmart Prem C410 All-In-One Driver Software 14.0 Rel. 7
HP Quick Launch Buttons 6.40 F1
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Total Care Advisor
HP Update
HP User Guides 0121
HP Wireless Assistant
HPAppStudio
HPAsset component for HP Active Support Library
HPNetworkAssistant
HPPhotoGadget
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabel_Tattoo
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotoSmartPhotobookHolidayPack1
HPPhotoSmartPhotobookModernPack1
HPPhotoSmartPhotobookPlayfulPack1
HPPhotoSmartPhotobookScrapbookPack1
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
Integrated Webcam Driver (1.00.03.0720)
Intel(R) Graphics Media Accelerator Driver
LabelPrint
Malwarebytes' Anti-Malware
MarketResearch
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Default Manager
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Ultimate 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox (3.6.24)
MSN Toolbar
MSN Toolbar Platform
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.1
My HP Games
NetWaiting
Network
Norton Security Scan
OCR Software by I.R.I.S. 14.0
Power2Go
PowerDirector
PS_AIO_07_C410_SW_Min
PSSWCORE
QuickPlay SlingPlayer 0.4.6
QuickTransfer
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek USB 2.0 Card Reader
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Shop for HP Supplies
SmartWebPrinting
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 8
Status
swMSM
Synaptics Pointing Device Driver
Toolbox
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
VideoToolkit01
WebReg
Windows Live ID Sign-in Assistant
Windows Media Player Firefox Plugin
Yahoo! Toolbar

Corrine · « **Reply #12 on:** December 06, 2011, 11:38:23 PM »

Hi, mymadelynn.

Please do the following to implement cleanup procedures and also to reset System Restore points:

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /Uninstall

Note: In the event you wish to contribute to the ongoing development of ComboFix, the developer is accepting donations via PayPal.

Updates needed

Adobe Reader 8.1.3 -- another critical security vulnerability in older versions of Adobe Reader was announced today. Update to the latest version here: http://get.adobe.com/reader/ Be sure to UNcheck the McAfee Security Scan Plus scan. It is not needed.

You can now download the latest Java from http://java.com/en/download/manual.jsp. Note, however, that you may not need Java. See Do You Need Java? for programs that need Java.

To check if your system is missing security updates or has insecure applications, install Secunia Personal Software Inspector or, alternatively, visit http://secunia.com/software_inspector/ . The Secunia Software Inspector runs through your browser with no installation or download required and does the following:

Detects insecure versions of applications installed
Verifies that all Microsoft patches are applied
Assists you in updating your system and applications

Install and update SpywareBlaster to prevent the installation of spyware and other potentially unwanted software: http://www.javacoolsoftware.com/spywareblaster.html

My favorite security software is WinPatrol which includes the features described at http://www.winpatrol.com/features.html

Please let me know if you have any questions.

mymadelynn · « **Reply #13 on:** December 07, 2011, 11:18:09 AM »

Will do these in a couple hours. I seem to be getting rerouted back to my home page when I click on a link. Will the above fix that. The pop up seem to be gone.

mymadelynn · « **Reply #14 on:** December 07, 2011, 12:55:50 PM »

I have download all of the above and will let you know how things go. Thank you very much

LandzDown Forum

News:

Author Topic: lap top getting strange messages on start up (Read 505 times)

mymadelynn

lap top getting strange messages on start up

Corrine

Re: lap top getting strange messages on start up

mymadelynn

Re: lap top getting strange messages on start up

Corrine

Re: lap top getting strange messages on start up

Corrine

Re: lap top getting strange messages on start up

mymadelynn

Re: lap top getting strange messages on start up

Corrine

Re: lap top getting strange messages on start up

Corrine

Re: lap top getting strange messages on start up

mymadelynn

Re: lap top getting strange messages on start up

mymadelynn

Re: lap top getting strange messages on start up

Corrine

Re: lap top getting strange messages on start up

mymadelynn

Re: lap top getting strange messages on start up

Corrine

Re: lap top getting strange messages on start up

mymadelynn

Re: lap top getting strange messages on start up

mymadelynn

Re: lap top getting strange messages on start up