funmoods, can't get rid of it

Welcome to Major Geeks!

Did you knowingingly install ALOT Appbar ? If not then uninstall it.

The same question applies to Yontoo Layers but for it, I recommend uninstalling it unless you really think it is necessary for you. See the below link:
http://www.systemlookup.com/CLSID/56875-YontooIEClient_dll.html

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista or Win 7, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=af...ByEtAtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1638907937
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=af...ByEtAtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1638907937
O2 - BHO: PlayBryte BHO - {61e0ef7a-9bc0-45ea-9b2f-f3e9f02692bd} - mscoree.dll (file missing)
O3 - Toolbar: (no name) - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - (no file)
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -

After clicking Fix, exit HJT.
Now reboot your PC.
After reboot, delete the below folders:
C:\Documents and Settings\steve justin\Application Data\Funmoods
C:\Program Files\Funmoods

Also delete the below file:
C:\Documents and Settings\steve justin\Local Settings\Application Data\funmoods-speeddial.crx

Now run Ccleaner. Only use the Run Cleaner button. Do not run anything else on any other forms.

Now copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.


Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

A hardware issue of some sort. You will have to discuss this in the Hardware Forum but it could be from the below startup which you could try disabling as a test with MSconfig.
O4 - HKLM\..\Run: [UIUCU] C:\DOCUME~1\STEVEJ~1\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP


One more piece of adware I recomment that you uninstall is the below.
PlayBryte


No please download OTM by Old Timer and save it to your Desktop.

• Right-click OTM.exe and select Run as administrator to run it.
• Copy the lines from the below codebox to the clipboard by highlighting ALL of them and pressing CTRL + C
  (or, after highlighting, right-click and choose Copy): Do not include the word Code: which is just a title line of
  the code box

Code:

:Processes
explorer.exe
 
:Files
C:\Documents and Settings\steve justin\Application Data\Funmoods
C:\Program Files\Funmoods
C:\WINDOWS\Tasks\desktop.ini
C:\Documents and Settings\steve justin\Application Data\alotappbar
C:\Recycler\S-1-5-21-220523388-1078145449-839522115-1004\desktop.ini
C:\WINDOWS\Temp\TMP00000001A36CCBA7150FA800
C:\Documents and Settings\steve justin\Local Settings\Temp\{A0698287-3302-4A00-B670-442B7D9DD91C}.tmp
C:\Documents and Settings\steve justin\Local Settings\Temp\{A2BA7063-17FF-41E7-AA66-572668D7E239}
 
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}]
:Commands
[purity]
[EmptyTemp]
[start explorer]

[Reboot]

• Return to OTM, right click in the Paste List of Files/Folders to Move window (under the yellow bar
  ) and choose Paste.
• Now click the large http://forums.majorgeeks.com/chaslang/images/MoveIt!.png button.
• If OTM asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.
• Close OTM.

Now navigate to the C:\_OTM\MovedFiles folder ( assuming your Windows drive is C). This is where your log will be
saved in the form of Date and Time mmddyyyy_hhmmss.log. Just look for the most recent .log file. Attach
this log file to your next message.


Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).


Then attach the below logs:

• the C:\_OTM\MovedFiles log
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

That's normal. It is to keep you informed that you used MSconfig to temporarily make a change. You did not leave it disabled and thus I still need you to disable it and keep it disabled to see if it is the reason for the message about "Device Driver Installation Complete"

Try shutting down all protection software and then running it. If that does not work, then try safe boot mode.

No but if you make additional posts inbetween, it bumps your thread to the bottom of the work queue. Thus once you reply to what I have asked you to do, don't make anymore posts until I ( or someone else ) gives you additional instructions to follow.

I don't know what you mean. I'm the only one giving you instructions.

 

You're welcome.

Try this.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.


Now run MSConfig and put your PC back into normal startup mode and then reboot and make sure the problem is still gone.

No! Not until after I give you final instructions and you have fully completed them.

 

Most likely this is just due to your system specs. You only have 1/4 of the minimum amount of memory I recommend for efficient running of Windows XP. Your logs show the below

Code:

Total Physical Memory 512.00 MB 
Available Physical Memory 345.25 MB

I recommend 2 GB ( 4 x 512 MB = 2 GB )

 

Not according to your logs. As stated, you did not have enough memory for it to run effciently. Sometimes uninstalling a few programs that use memory all the time and doing some disk cleanup and defrag will provide some temporary improvement, but Windows XP cannot run properly with 512 MB of memory.


If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware. You can uninstall RogueKiller and HitManPro.
3. Go back to step 6 oof the READ ME and renable your Disk Emulation software with Defogger if you had disabled it.
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
6. If running Vista or Win 7, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
7. Go to add/remove programs and uninstall HijackThis.
8. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders
   related to MGtools and some other items from our cleaning procedures.
9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning procedures pointed to by step 7 of the READ ME
     for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
10. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware!