
Topic: Clicked on a tab I shouldn't have and then......


tpolcha

    Topic Starter


    Hopeful
    Re: Clicked on a tab I shouldn't have and then......
    « Reply #15 on: May 15, 2011, 04:40:59 PM »
    1.  Rooter results:

    Rooter.exe (v1.0.2) by Eric_71
    .
    SeDebugPrivilege granted successfully ...
    .
    Windows 7 Home Edition (6.1.7601) Service Pack 1
    [32_bits] - AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
    .
    [wscsvc] (Security Center) RUNNING (state:4)
    [MpsSvc] RUNNING (state:4)
    Windows Firewall -> Disabled !
    Windows Defender -> Enabled
    User Account Control (UAC) -> Enabled
    .
    Internet Explorer 9.0.8112.16421
    Mozilla Firefox 3.6.13 (en-US)
    .
    C:\  [Fixed-NTFS] .. ( Total:584 Go - Free:516 Go )
    D:\  [Fixed-NTFS] .. ( Total:11 Go - Free:1 Go )
    E:\  [CD_Rom]
    F:\  [Removable]
    G:\  [Removable]
    H:\  [Removable]
    I:\  [Removable]
    .
    Scan : 17:12.44
    Path : C:\Users\dad\Desktop\Rooter.exe
    User : dad ( Administrator -> YES )
    .
    ----------------------\\ Processes
    .
    Locked [System Process] (0)
    Locked System (4)
    ______ ?????????? (280)
    ______ ?????????? (392)
    ______ ?????????? (572)
    ______ ?????????? (648)
    ______ ?????????? (660)
    ______ ?????????? (708)
    ______ ?????????? (732)
    ______ ?????????? (752)
    ______ ?????????? (776)
    ______ ?????????? (896)
    ______ ?????????? (972)
    ______ ?????????? (428)
    ______ ?????????? (580)
    ______ ?????????? (664)
    ______ ?????????? (772)
    ______ ?????????? (1068)
    ______ ?????????? (1156)
    ______ ?????????? (1288)
    ______ ?????????? (1336)
    ______ ?????????? (1508)
    ______ ?????????? (1576)
    ______ C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (1624)
    ______ C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe (1644)
    ______ C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (1704)
    ______ c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (1740)
    ______ C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe (1836)
    ______ C:\Program Files (x86)\PDF Complete\pdfsvc.exe (1900)
    ______ ?????????? (2044)
    ______ ?????????? (1452)
    ______ C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (2128)
    ______ ?????????? (2336)
    ______ ?????????? (2584)
    ______ ?????????? (2616)
    ______ ?????????? (2636)
    ______ ?????????? (2612)
    ______ ?????????? (3012)
    ______ ?????????? (3108)
    ______ ?????????? (4044)
    ______ ?????????? (3356)
    ______ ?????????? (3436)
    ______ C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (3596)
    ______ C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (3612)
    ______ ?????????? (3672)
    ______ ?????????? (3724)
    ______ C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (4084)
    ______ C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe (3224)
    ______ C:\Program Files (x86)\AVG\AVG10\avgtray.exe (3628)
    ______ C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe (3488)
    ______ ?????????? (2992)
    ______ ?????????? (1972)
    ______ ?????????? (1316)
    ______ ?????????? (1764)
    ______ ?????????? (2408)
    ______ ?????????? (440)
    Locked audiodg.exe (5036)
    ______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (6040)
    ______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (6024)
    ______ C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_ActiveX.exe (4728)
    ______ ?????????? (5900)
    ______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (4540)
    ______ ?????????? (1312)
    ______ C:\Users\dad\Desktop\Rooter.exe (5504)
    .
    ----------------------\\ Device\Harddisk0\
    .
    \Device\Harddisk0 [Sectors : 63 x 512 Bytes]
    .
    \Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:1048576 | Length:104857600)
    \Device\Harddisk0\Partition2 (Start_Offset:105906176 | Length:627182665728)
    \Device\Harddisk0\Partition3 (Start_Offset:627288571904 | Length:12845056000)
    .
    ----------------------\\ Scheduled Tasks
    .
    C:\Windows\Tasks\HPCeeScheduleFordad.job
    C:\Windows\Tasks\SA.DAT
    C:\Windows\Tasks\SCHEDLGU.TXT
    .
    ----------------------\\ Registry
    .
    .
    ----------------------\\ Files & Folders
    .
    ----------------------\\ Scan completed at 17:12.45
    .
    C:\Rooter$\Rooter_2.txt - (15/05/2011 | 17:12.45)


    2.  Would you like me to try Sophos again one step at a time?

    3. 
    Quote
    According to the DDS logs, your machine is a 64 bit machine.
    I agree.  Respectfully--I don't want to convolute this thread with Windows problems unless it could be relevant while you're helping me with this topic.  Unless I'm overreacting, rooter.exe reports "Os 32 bit" on the scanner header when it opened up for me to run and is listed on this log.  It shows IE9, which I thought I uninstalled, and Mozilla Firefox will not uninstall in the Control Panel.  Am I overreacting?

    I certainly intend to open a new topic concerning these issues when you think you've solved this current issue.  Hopefully you'll pick me up and advise me there as well.  Thanks again.

    Tom




    SuperDave

    • Malware Removal Specialist
    • Moderator


    • Genius
    • Thanked: 1020
    • Certifications: List
    • Experience: Expert
    • OS: Windows 10
    Re: Clicked on a tab I shouldn't have and then......
    « Reply #16 on: May 16, 2011, 04:43:39 PM »
    Quote
    Would you like me to try Sophos again one step at a time?
    No. I just wanted to be sure.

    Quote
    I don't want to convolute this thread with Windows problems unless it could be relevant while you're helping me with this topic.  Unless I'm overreacting, rooter.exe reports "Os 32 bit" on the scanner header when it opened up for me to run and is listed on this log.  It shows IE9, which I thought I uninstalled, and Mozilla Firefox will not uninstall in the Control Panel.  Am I overreacting?
    You can check your system by doing this:
    Click Start, type system in the Start Search box, and then click system in the Programs list.
    The operating system is displayed as follows:
    For a 64-bit version operating system: 64-bit Operating System appears for the System type under System.
    For a 32-bit version operating system: 32-bit Operating System appears for the System type under System.

    As for Firefox, do you want to uninstall it?


    I'd like to scan your machine with ESET OnlineScan

    • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
    • Click the button.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
    • Check
    • Click the button.
    • Accept any security warnings from your browser.
    • Check
    • Push the Start button.
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push
    • Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Push the button.
    • Push
    A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt
    Windows 8 and Windows 10 dual boot with two SSD's

    tpolcha

      Re: Clicked on a tab I shouldn't have and then......
      « Reply #17 on: May 18, 2011, 05:14:39 AM »
      I'm having a problem with your latest suggestion....ESET Online Scanner, but first:

      Quote
      As for FireFox, do you want to uninstall it?


      Yes for two reasons. 

      a.  I should be able to uninstall any application I choose to when I want to.  My system will not allow me to do so. That is frustrating.

      b.  This doesn't allow me to troubleshoot and/or separate an infected system from a possibly misconfigured one.  I call upon your expert guidance.

      So to resume my response, ESET Online Scanner will not download...  Your thread raises a question ??? "For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)"

      So I click on the ESET link to begin the next step.  It takes me to the site.  I agree.  I attempt to download.  It starts.  Then IE 8 and/or IE9 eventually tells me...

      "This Website wants to install the following add on 'onlineScanner.cab from ESet,spol.s.r.o' "

      I select 'OK'.

      A new Win IE pops up to inform me I can't access the site. That I didn't supply the needed information to access the site to properly pay for the access.  I can retry or cancel. Neither works. 

      Are there other suggested av online scanners available to choose from to help achieve the same goal?


      SuperDave

      Re: Clicked on a tab I shouldn't have and then......
      « Reply #18 on: May 18, 2011, 04:38:31 PM »
      • Start HijackThis
      • Click on the Misc Tools button
      • Click on the Open Uninstall Manager button.
      • Click on the Save list... button and specify where you would like to save this file. When you press Save button a Notepad will open with the contents of that file. Save the file to your desktop.
      Copy and paste this file in your next reply.
      *******************************************
      Let's try this one.

      Run the BitDefender Online scanner

      Agree to the license and then select Scan. DO NOT CHANGE THE OPTIONS TO SHOW ALL FILES SCANNED. That will make your logs huge and we don't need to see clean files.

      Once Bitdefender completes the scan:
      Click-on the Detected Problems tab.
      Then select Click here to export the scan report.

      When the window comes up to save the report, change the Save as type: box to:
      Text (Tab Delimited) (*.txt) and then in the File name box change the name to bdscan, then click Save.

      This will save a file named bdscan.txt. I would suggest saving it to the Desktop so you can easily find it. (take notice of where you save it so you can find it later).
      This bdscan.txt file will actually contain HTML code that we can easily view later while reviewing your log. All we have to do is rename the file to bdscan.html.

      If you do not follow these steps, you will have an incorrect log or, worse, a log summary which is useless to us.

      Post the bdscan.txt file as an Attachment.

      tpolcha

        Re: Clicked on a tab I shouldn't have and then......
        « Reply #19 on: May 19, 2011, 04:30:37 PM »
        Now this is nothing but frustrating.  I open the BitDefender link.  I agree to the license and select 'start scan'.  I changed no options.  The first time I tried it, BD told me Win IE9 was not running as administrator.  I rebooted and started IE9 as administrator.  I start the scan procedure; BD starts its update, the first portion completes without a problem.  It begins updating the virus signatures and then fails to complete.  It makes it about 5 to 7% of its download before it fails.  The next popup says we can still scan but since it's not up to date do I really want to run it.  So I stop.

        Now this 'stopping downloads' has been a problem for some time and one of the reasons I began asking for help.  Help first with any malware issues and then later searching for help with any possible misconfigured application while I was setting up the PC. 

        With this stopping download issue, I first noticed it while downloading an attachment in Gmail (after I finished setting up my PC [apparently because I thought I was savvy enough to do so]), if it is a file larger than--let's say 3 MB, the download would fail.  Files under that size seem to complete the download and that's because I used sys restore once to see if that would help.  I can DL files larger than 3 now--to what max size I do not know. 

        I don't know if that has anything to do with BitDefender failing to complete its download so I'll leave that up to you to decide. It's also the reason why I want to uninstall Win IE9 and Mozilla FF.

        Here is the HJT log you requested:

        ActiveCheck component for HP Active Support Library
        Adobe AIR
        Adobe AIR
        Adobe Flash Player 10 ActiveX
        Adobe Flash Player 10 Plugin
        Bejeweled 2 Deluxe
        Blackhawk Striker 2
        Build-a-lot 2
        Catalyst Control Center - Branding
        Chuzzle Deluxe
        CinemaNow Media Manager
        CyberLink DVD Suite Deluxe
        CyberLink DVD Suite Deluxe
        Diner Dash 2 Restaurant Rescue
        Dora's Carnival Adventure
        DVD Menu Pack for HP MediaSmart Video
        DVD Menu Pack for HP MediaSmart Video
        Escape Rosecliff Island
        FATE
        Feedback Tool
        Final Drive Nitro
        Heroes of Hellas 2 - Olympia
        HiJackThis
        HP Advisor
        HP Customer Experience Enhancements
        HP Game Console
        HP Games
        HP MediaSmart CinemaNow 2.0
        HP MediaSmart DVD
        HP MediaSmart DVD
        HP MediaSmart Music
        HP MediaSmart Music
        HP MediaSmart Photo
        HP MediaSmart Photo
        HP MediaSmart Video
        HP MediaSmart Video
        HP MediaSmart/TouchSmart Netflix
        HP Product Detection
        HP Setup
        HP Support Assistant
        HP Update
        HPAsset component for HP Active Support Library
        Java(TM) 6 Update 25
        Jewel Quest 3
        Jewel Quest Solitaire 2
        Junk Mail filter update
        Kobo
        LabelPrint
        LabelPrint
        LightScribe System Software
        Malwarebytes' Anti-Malware
        Microsoft Choice Guard
        Microsoft Office 2010
        Microsoft Silverlight
        Microsoft SQL Server 2005 Compact Edition [ENU]
        Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
        Microsoft Visual C++ 2005 Redistributable
        Microsoft Visual C++ 2005 Redistributable - KB2467175
        Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
        Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
        Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
        Microsoft WSE 3.0 Runtime
        Movie Theme Pack for HP MediaSmart Video
        Movie Theme Pack for HP MediaSmart Video
        Mozilla Firefox (3.6.13)
        MSVCRT
        MSXML 4.0 SP2 (KB954430)
        MSXML 4.0 SP2 (KB973688)
        PC Tools Firewall Plus 7.0
        PDF Complete Special Edition
        Penguins!
        PhotoNow!
        PhotoNow!
        Plants vs. Zombies
        Poker Superstars III
        Polar Bowler
        Polar Golfer
        Power2Go
        Power2Go
        PowerDirector
        PowerDirector
        PressReader
        Realtek High Definition Audio Driver
        Recovery Manager
        Roxio CinemaNow 2.0
        Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
        Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
        Sophos Anti-Rootkit 1.5.4
        Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
        Virtual Families
        Virtual Villagers - The Secret City
        Visual Studio 2008 x64 Redistributables
        Wheel of Fortune 2
        Windows Live Call
        Windows Live Communications Platform
        Windows Live Essentials
        Windows Live Essentials
        Windows Live Mail
        Windows Live Messenger
        Windows Live Photo Gallery
        Windows Live Sync
        Windows Live Upload Tool
        Windows Live Writer
        Zinio Reader 4
        Zinio Reader 4
        Zuma Deluxe

        SuperDave

        Re: Clicked on a tab I shouldn't have and then......
        « Reply #20 on: May 19, 2011, 04:45:45 PM »
        Please try this to uninstall Mozilla Firefox (3.6.13)

        Delete An Uninstall Entry

        • Start HijackThis

        • Click on the Open the Misc Tools section

        • Click on the Open Uninstall Manager button.

        • Highlight the entry you want to remove.
        • Click Delete this entry
        ********************************************
        Please try downloading ESET on another computer and transfer it using this method.

        Quote
        If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs.

        tpolcha

          Re: Clicked on a tab I shouldn't have and then......
          « Reply #21 on: May 19, 2011, 05:23:14 PM »
           :( As per your instructions I used HJT to uninstall Mozilla FF and unfortunately it did not work.  Here is my HJT log once again after I performed the instructions.


          Question

          Why does one entry on this log look like an app I let my daughter download on my Droidx yesterday? I did eventually create a Google account for my new smartphone but never have I connected my phone via USB or HDMI to my desktop.  I did check the Droid app reviews before I let her download the 'Bejeweled app'.  These others from the list I didn't ask for or allow her to do: 
          Blackhawk Striker 2
          Build-a-lot 2
          Catalyst Control Center - Branding
          Chuzzle Deluxe

          I closely monitor what she asks to download on my phone.

          Does this mean anything?


          tpolcha

            Re: Clicked on a tab I shouldn't have and then......
            « Reply #22 on: May 19, 2011, 05:51:48 PM »
            Info for you.  I went to Control Panel and thought I would uninstall HJT and reinstall it just to see what happens--and ultimately retry your instructions.  I chose the repair option.  The pop up said: "The feature you are trying to use is on a network resource that is unavailable."  I can click OK or enter an alternate path to a folder containing the installation package 'HJThis.msi' in the box below.

            Ode to add to the confusion.



            SuperDave

            Re: Clicked on a tab I shouldn't have and then......
            « Reply #23 on: May 19, 2011, 06:52:41 PM »
            Quote
            I chose the repair option.
            Why would you choose repair?

            tpolcha

              Re: Clicked on a tab I shouldn't have and then......
              « Reply #24 on: May 20, 2011, 04:47:22 PM »
              Why did I try to repair HJT?  My brain fart.  :(

              So I uninstalled and reinstalled HJT.  I tried to uninstall Mozilla FF again with your previous instructions and it still didn't work.  I ran an HJT scan again; here is the log:

                Logfile of Trend Micro HijackThis v2.0.4
              Scan saved at 5:42:15 PM, on 5/20/2011
              Platform: Windows 7 SP1 (WinNT 6.00.3505)
              MSIE: Internet Explorer v8.00 (8.00.7601.17514)
              Boot mode: Normal

              Running processes:
              C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
              C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
              C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
              C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe
              C:\Program Files (x86)\AVG\AVG10\avgtray.exe
              C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
              C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10q_ActiveX.exe
              C:\Program Files (x86)\Internet Explorer\iexplore.exe
              C:\Program Files (x86)\Internet Explorer\iexplore.exe
              C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

              R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.valp.net/
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
              R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
              R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
              R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
              R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
              O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
              O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
              O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
              O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
              O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
              O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
              O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
              O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
              O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
              O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" -s
              O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
              O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
              O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
              O4 - HKCU\..\Run: [cdloader] "C:\Users\dad\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
              O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
              O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
              O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
              O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
              O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
              O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
              O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
              O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
              O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
              O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
              O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
              O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
              O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
              O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
              O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
              O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
              O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
              O23 - Service: CinemaNow Service - CinemaNow, Inc. - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
              O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
              O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
              O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
              O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
              O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
              O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
              O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
              O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
              O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
              O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
              O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe
              O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
              O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
              O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
              O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
              O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
              O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
              O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
              O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
              O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
              O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
              O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
              O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
              O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
              O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
              O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file

              SuperDave

              • Malware Removal Specialist
              • Moderator


              • Genius
              • Thanked: 1020
              • Certifications: List
              • Experience: Expert
              • OS: Windows 10
              Re: Clicked on a tab I shouldn't have and then......
              « Reply #25 on: May 21, 2011, 12:50:39 PM »
              Quote
              Why does one entry on this log look like an app I let my daughter download on my Droidx yesterday? I did eventually create a Google account for my new smartphone but never have I connected my phone via USB or HDMI to my desktop. I did check the droid app reviews before I let her download the 'Bejeweled app'. These others from the list I didn't ask for or allow her to do:
              Blackhawk Striker 2
              Build-a-lot 2
              Catalyst Control Center - Branding
              Chuzzle Deluxe

              I closely monitor what she asks to download on my phone.

              Does this mean anything?
              You can google each of those programs to see what they're for.
              Did you have any luck with ESET?
              You can try this program to uninstall Firefox:

              Revo Uninstaller
              Windows 8 and Windows 10 dual boot with two SSD's

              tpolcha

                Topic Starter


                Hopeful
                Re: Clicked on a tab I shouldn't have and then......
                « Reply #26 on: May 22, 2011, 06:02:13 AM »
                I don't want you to think I undermined your efforts to help me solve my problems  :) but I figured if it was OK to try and remove Mozilla FF it would also be OK to remove IE9.  So I did so.  For now IE9 is removed and HJT still will not remove MFF.

                Eset worked this time. The sys allowed me to download the required ActiveX add-on which subsequently ran Eset. No log to provide as it did not identify any problems  :o and  :). I would have liked to think that after all this work Eset would have uncovered some clandestine operative trying to hurt me and at the same time I'm happy this powerful tool gave me a clean bill of health for what it is designed to cover.

                I noticed an improvement in my system's performance in regards to speed.

                I tried to run bitdefender.  It would not work.

                HJT still would not allow me to remove MFF.

                Revo Uninstaller did the job. It identified a huge list of things associated with MFF and asked me if I wanted to get rid of them. I did so.

                I noticed a marked improvement in system performance this time.  Unfortunately bitdefender still doesn't want to cooperate.

                I googled those game names; is it possible they are a part of some preinstalled game component from my original PC purchase? I know there are games I don't play; I've only gone there to find card games.  Maybe I clicked on them once just to see what it was.

                What do you think so far?

                Thanks, Tom.


                SuperDave

                Re: Clicked on a tab I shouldn't have and then......
                « Reply #27 on: May 22, 2011, 12:06:21 PM »
                Quote
                Unfortunately bitdefender still doesn't want to cooperate.
                That's ok. It does the same job as ESET.
                It would appear that all the nasties are gone. Let's do some cleanup.


                To uninstall ComboFix

                • Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
                • In the field, type in ComboFix /uninstall


                (Note: Make sure there's a space between the word ComboFix and the forward-slash.)

                • Then, press Enter, or click OK.
                • This will uninstall ComboFix, delete its folders and files, hide System files and folders, and reset System Restore.
                ************************************************
                Clean out your temporary internet files and temp files.

                Download TFC by OldTimer to your desktop.

                Double-click TFC.exe to run it.

                Note: If you are running on Vista, right-click on the file and choose Run As Administrator

                TFC will close all programs when run, so make sure you have saved all your work before you begin.

                * Click the Start button to begin the cleaning process.
                * Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
                * Please let TFC run uninterrupted until it is finished.

                Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
                ************************************************
                Use the Secunia Software Inspector to check for out of date software.

                • Click Start Now
                • Check the box next to Enable thorough system inspection.
                • Click Start
                • Allow the scan to finish and scroll down to see if any updates are needed.
                • Update anything listed.
                ----------

                Go to Microsoft Windows Update and get all critical updates.

                ----------

                I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

                SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla-based browsers like Firefox.
                * Using SpywareBlaster to protect your computer from Spyware and Malware
                * If you don't know what ActiveX controls are, see here

                Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

                Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

                Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
                Safe Surfing!

                tpolcha

                  Topic Starter


                  Hopeful
                  Re: Clicked on a tab I shouldn't have and then......
                  « Reply #28 on: May 23, 2011, 04:10:52 PM »
                  "Combofix /uninstall wants me to uninstall AVG or find another tool"

                  I don't think avgfree can be turned off, can it?

                  tpolcha

                    Topic Starter


                    Hopeful
                    Re: Clicked on a tab I shouldn't have and then......
                    « Reply #29 on: May 23, 2011, 04:17:22 PM »
                    Don't worry about that question; I'll just delete and reinstall AVG.