HI JACK REPORT FOR MESSAGE: Re Post message Error of IE8 Page

Hi nanabarb,

Welcome to the Dell Community Malware Removal Forum. Do you still require assistance?

Please reply back to THIS thread, please DO NOT start another thread, and we will attempt to solve you malware issues.

Thanks
K27

Yes, I still have the problem.  But recently I got email that I was causing problems on the Malware Forum community with my posting.  I did not intentionally mean to cause a problem.  I replied to the email that I was not aware that I was doing something wrong and it might be best if I ceased my communication with that forum.   But I really would like to get the problem fixed, it is not causing a major problem with the computer but I know that this should not be happening.  Also please understand that I am not knowledgeable about the intricate parts of a computer.  I will try and do what you request or tell me what the problem is with the IE8 error page and why it is happening.  Thank you!  Will wait to hear back from you.

Hi nanabarb,

Please DO NOT run any scans/tools/fixes on your own as this will conflict with the tools we are going to use.

Please Print or Save to Notepad all instructions and please follow them carefully and if there's something you don't understand or that will not work please let me know and we will go through it together.

Please DO NOT use this system for anything apart from visiting this forum and other sites I direct you too, as this will only make the cleanup process all the more diffecult.

The reason you more then likely received the e-mail was because you broke one of Dell's rules, this was more than likely due to the multiple post's you made, please only reply to this thread and you should be OK, if you receive any more, please let me know what they regard and I will look in to it for you.

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

• Make sure you are connected to the Internet.
• Double-click on mbam-setup.exe to install the application.
• When the installation begins, follow the prompts and do not make any changes to default settings.
• When installation has finished, make sure you leave both of these checked:
  • Update Malwarebytes' Anti-Malware
  • Launch Malwarebytes' Anti-Malware
• Then click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan.

• If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
• If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.

On the Scanner tab:

• Make sure the "Perform Quick Scan" option is selected.
• Then click on the Scan button.
• If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
• The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
• When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
• Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen:

• Click on the Show Results button to see a list of any malware that was found.
• Make sure that everything is checked, and click Remove Selected.
• When removal is completed, a log report will open in Notepad.
• The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
• Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
• Exit MBAM when done.

Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.
I need to see some additional information about what is happening in your machine.
Please perform the following scan:

• Download DDS by sUBs from one of the following links. Save it to your desktop.
  • DDS.com
  • DDS.scr
  • DDS.pif
• Double click on the DDS icon, allow it to run.
• A small box will open, with an explanation about the tool.
• When done, DDS will open two (2) logs

• Save both reports to your desktop.
• The instructions here ask you to attach the Attach.txt.

• Instead of attaching, please copy/past both logs into your next reply.

• Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE

Please COPY/PASTE your fresh MBAM log and BOTH DDS logs.

Thankyou,
K27.

I have printed off the instructions and do understand them except 1 item.  At the bottom of the page re: running DDS.  If I understand it correctly, the anti-virus program on the computer is to be disabled.  If that is correct, I do not know how to disable the anti-virus other than un-install it.  AVG free anti-virus is the program that is on the computer.   Next, do I send the Malware report, the two DDS reports on the same reply to you?  I certainly don't want to mess up.  It may be a day or two before I get back to you with the reports.

Hi nanabarb,

Your doing fine. Nearly every tool I request you to run will produce a log. As long as you post them logs to this thread you will be fine. You can cram them all in to one post, or you can use a single post for each log, either way is fine by me and you will not get into any trouble for posting to this thread.

As for disabling AVG, you can find instructions on that by clicking the "Anti-Virus" link below.

Please Disable all Anti-virus/Anti-Spyware/FireWall on your machine(instructions via links below)

• Anti Virus
• Anti Spyware
• Firewall

Once you have time, run the tools requested in my last post and post all three logs back to this thread.

Thanks,
K27.

LOGS:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4191

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6/12/2010 2:40:42 PM
mbam-log-2010-06-12 (14-40-42).txt

Scan type: Quick scan
Objects scanned: 144522
Time elapsed: 20 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

DDS (Ver_10-03-17.01) - NTFSx86 
Run by ken & barb at 15:22:27.15 on Sat 06/12/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.510.140 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)   {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Norton AntiVirus 2005 *On-access scanning enabled* (Updated)   {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Worm Protection *enabled*   {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\ATT-SST\McciTrayApp.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative Home\Hallmark Card Studio 2010\Planner\PLNRnote.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Documents and Settings\ken & barb\Local Settings\Temporary Internet Files\Content.IE5\6ZQHNE9C\dds[1].scr

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.yahoo.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\progra~1\yahoo!\common\yiesrvc.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: {8EAB99C1-F9EC-4b64-A4BA-D9BCAE8779C2} - No File
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SidebarAutoLaunch Class: {f2aa9440-6328-4933-b7c9-a6ccdf9cbf6d} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn3\YTSingleInstance.dll
TB: {BA52B914-B692-46c4-B683-905236F6F655} - No File
TB: {8EAB99C9-F9EC-4b64-A4BA-D9BCAE8779C2} - No File
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1
uRun: [UpdateFlow.ATT-SST] c:\program files\att-sst\mccibrowser.exe -appkey=att-sst -url=file://c:\program files\att-sst\offlineupdate\redirector.htm
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Skype] "c:\program files\skype\\phone\Skype.exe" /nosplash /minimized
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [Pareto_Update] c:\program files\common files\paretologic\uus2\Pareto_Update.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10e.exe
mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe"
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [SoundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe
mRun: [RegGenie Scheduler] c:\program files\reggenie\RegGenieScheduler.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [PCMService] "c:\program files\dell\media experience\PCMService.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide
mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe"  /autorun
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [ATT-SST_McciTrayApp] "c:\program files\att-sst\McciTrayApp.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\ken&ba~1\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\eventp~1.lnk - c:\windows\installer\{601be80d-247b-4084-94c7-7a54369db7a2}\Shortcut_EventPlan_E2FBA8F7F7FD4C5EAA7D652BB0CAAA9D.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
IE: {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\progra~1\yahoo!\common\yiesrvc.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Trusted Zone: motive.com\pattta.att
Trusted Zone: motive.com\patttbc.att
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab
DPF: {2D337EB0-3BFB-42A3-B314-A24BBA8C085B} - hxxp://download.yahoo.com/dl/mail/yautoiol1.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper20073151.dll
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photo.walgreens.com/WalgreensActivia.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.3.7.cab
DPF: {49232000-16E4-426C-A231-62846947304B} - hxxp://ipgweb.cce.hp.com/rdqaio/downloads/sysinfo.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1168486479390
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1128999073828
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {924C1588-90C3-4910-B6CA-D57A1C0418FE} - hxxp://bookmarks.yahoo.com/YbConvFav.CAB
DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} - hxxp://www.linksysfix.com/netcheck/67/install/gtdownls.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45}
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} - hxxp://h30043.www3.hp.com/aio/en/check/qdiagh.cab?326
DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.2.1.cab
DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} - hxxp://trueswitch.com/sbc/TrueInstallSBC.exe
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-4-28 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-4-28 29584]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-4-28 242896]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-3-13 308064]
R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2005-2-15 819352]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-30 135664]

=============== Created Last 30 ================

2010-06-12 19:18:37 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-12 19:18:35 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-11 20:19:15 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-06-11 18:46:35 0 d-----w- c:\program files\Garmin GPS Plugin
2010-06-11 18:46:18 0 d-----w- c:\program files\Garmin
2010-06-10 22:34:57 29372171 ----a-w- C:\William Oliver Knost Death Certificate.rtf
2010-06-10 00:06:23 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-04 22:14:44 0 d-----w- c:\program files\Trend Micro

==================== Find3M  ====================

2010-06-02 13:11:11 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-05-06 15:36:38 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-06 10:41:53 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 05:22:50 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:30:08 285696 ----a-w- c:\windows\system32\atmfd.dll
2008-10-02 01:31:40 447488 -c----w- c:\program files\FAMILY GENEALOGY.FTW
2008-10-02 01:31:40 447488 -c----w- c:\program files\FAMILY GENEALOGY.FBK
2008-05-12 23:10:14 32768 -csha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008051220080513\index.dat

============= FINISH: 15:24:10.45 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 1/10/2007 5:20:48 PM
System Uptime: 6/12/2010 6:40:23 AM (9 hours ago)

Motherboard: Dell Computer Corp. |  | 0N6381
Processor:               Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 72 GiB total, 48.952 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1390: 4/3/2010 8:01:41 AM - System Checkpoint
RP1391: 4/4/2010 8:39:28 AM - System Checkpoint
RP1392: 4/5/2010 9:08:14 AM - System Checkpoint
RP1393: 4/6/2010 9:19:04 AM - System Checkpoint
RP1394: 4/7/2010 12:58:21 PM - System Checkpoint
RP1395: 4/8/2010 1:16:21 PM - System Checkpoint
RP1396: 4/9/2010 3:53:40 PM - System Checkpoint
RP1397: 4/10/2010 11:26:44 AM - Avg Update
RP1398: 4/11/2010 11:56:46 AM - System Checkpoint
RP1399: 4/12/2010 10:00:28 AM - Installed %1 %2.
RP1400: 4/12/2010 10:34:12 AM - Removed Adobe Reader 8.2.1
RP1401: 4/12/2010 10:35:34 AM - Installed Adobe Reader 9.3.
RP1402: 4/12/2010 4:34:41 PM - Restore Operation
RP1403: 4/13/2010 8:00:59 AM - Installed %1 %2.
RP1404: 4/13/2010 7:00:26 PM - Software Distribution Service 3.0
RP1405: 4/14/2010 7:00:19 PM - Software Distribution Service 3.0
RP1406: 4/14/2010 9:00:01 PM - Installed Adobe Reader 9.3.
RP1407: 4/14/2010 9:26:43 PM - Removed Adobe Reader 9.3.
RP1408: 4/14/2010 9:29:04 PM - Removed Acrobat.com
RP1409: 4/15/2010 8:10:10 AM - Removed Acrobat.com
RP1410: 4/16/2010 9:21:00 AM - System Checkpoint
RP1411: 4/16/2010 5:12:51 PM - Software Distribution Service 3.0
RP1412: 4/17/2010 8:27:17 AM - Restore Operation
RP1413: 4/17/2010 12:27:14 PM - Software Distribution Service 3.0
RP1414: 4/17/2010 1:25:05 PM - Removed Adobe Reader 9.3.1.
RP1415: 4/17/2010 1:46:10 PM - Installed Adobe Reader 9.3.
RP1416: 4/18/2010 1:46:49 PM - System Checkpoint
RP1417: 4/19/2010 9:14:51 AM - Software Distribution Service 3.0
RP1418: 4/20/2010 9:22:01 AM - System Checkpoint
RP1419: 4/21/2010 7:36:12 AM - Avg Update
RP1420: 4/21/2010 7:38:00 AM - Avg Update
RP1421: 4/22/2010 8:56:49 AM - System Checkpoint
RP1422: 4/23/2010 10:04:11 AM - System Checkpoint
RP1423: 4/24/2010 12:01:13 PM - System Checkpoint
RP1424: 4/25/2010 10:01:54 AM - Software Distribution Service 3.0
RP1425: 4/26/2010 9:01:53 AM - Removed Windows Defender
RP1426: 4/27/2010 10:07:48 AM - System Checkpoint
RP1427: 4/27/2010 2:21:11 PM - Removed Adobe Reader 9.3.2.
RP1428: 4/27/2010 2:37:50 PM - Installed Adobe Reader 9.3.
RP1429: 4/28/2010 6:38:47 PM - System Checkpoint
RP1430: 4/29/2010 6:53:34 PM - System Checkpoint
RP1431: 4/30/2010 7:49:44 PM - System Checkpoint
RP1432: 5/1/2010 8:15:20 PM - System Checkpoint
RP1433: 5/2/2010 8:57:24 PM - System Checkpoint
RP1434: 5/3/2010 9:47:34 PM - System Checkpoint
RP1435: 5/4/2010 10:10:36 PM - System Checkpoint
RP1436: 5/5/2010 8:57:50 AM - Avg Update
RP1437: 5/6/2010 9:02:57 AM - System Checkpoint
RP1438: 5/6/2010 6:47:12 PM - Installed Windows Defender
RP1439: 5/6/2010 6:51:19 PM - Software Distribution Service 3.0
RP1440: 5/7/2010 7:54:43 PM - System Checkpoint
RP1441: 5/8/2010 11:19:36 PM - System Checkpoint
RP1442: 5/10/2010 7:45:25 AM - System Checkpoint
RP1443: 5/10/2010 5:23:24 PM - Software Distribution Service 3.0
RP1444: 5/11/2010 5:46:02 PM - System Checkpoint
RP1445: 5/12/2010 7:59:31 AM - Software Distribution Service 3.0
RP1446: 5/13/2010 9:11:49 AM - System Checkpoint
RP1447: 5/14/2010 11:32:15 AM - System Checkpoint
RP1448: 5/15/2010 12:02:46 PM - System Checkpoint
RP1449: 5/16/2010 2:15:24 PM - System Checkpoint
RP1450: 5/17/2010 2:49:29 PM - System Checkpoint
RP1451: 5/18/2010 3:49:30 PM - System Checkpoint
RP1452: 5/19/2010 4:01:19 PM - System Checkpoint
RP1453: 5/20/2010 7:08:47 PM - System Checkpoint
RP1454: 5/21/2010 7:33:41 PM - System Checkpoint
RP1455: 5/22/2010 8:46:52 PM - System Checkpoint
RP1456: 5/23/2010 8:58:19 PM - System Checkpoint
RP1457: 5/24/2010 9:14:52 PM - System Checkpoint
RP1458: 5/25/2010 10:14:59 PM - System Checkpoint
RP1459: 5/26/2010 7:55:12 AM - Software Distribution Service 3.0
RP1460: 5/27/2010 12:58:07 PM - System Checkpoint
RP1461: 5/27/2010 11:32:29 PM - Removed Windows Defender
RP1462: 5/29/2010 7:21:10 AM - System Checkpoint
RP1463: 5/30/2010 9:02:51 AM - System Checkpoint
RP1464: 5/31/2010 9:39:30 AM - System Checkpoint
RP1465: 6/1/2010 9:48:53 AM - System Checkpoint
RP1466: 6/2/2010 8:11:26 AM - Avg Update
RP1467: 6/3/2010 9:34:17 AM - System Checkpoint
RP1468: 6/4/2010 8:04:44 AM - Software Distribution Service 3.0
RP1469: 6/4/2010 5:14:41 PM - Installed HiJackThis
RP1470: 6/5/2010 6:35:16 PM - System Checkpoint
RP1471: 6/6/2010 6:59:41 PM - System Checkpoint
RP1472: 6/7/2010 9:28:44 PM - System Checkpoint
RP1473: 6/8/2010 9:52:08 PM - System Checkpoint
RP1474: 6/9/2010 7:00:27 PM - Software Distribution Service 3.0
RP1475: 6/9/2010 10:00:26 PM - Software Distribution Service 3.0
RP1476: 6/10/2010 10:12:21 PM - System Checkpoint
RP1477: 6/11/2010 10:17:21 PM - System Checkpoint

==== Installed Programs ======================

1400
1400_Help
1400Trb
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.2
AiO_Scan
AiOSoftware
Apple Application Support
Apple Software Update
AT&T Self Support Tool
AT&T Yahoo! Applications
AVG Free 9.0
Banctec Service Agreement
BufferChm
CardRecovery
CCleaner
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
Critical Update for Windows Media Player 11 (KB959772)
CrossLoop 2.51
CueTour
CustomerResearchQFolder
Dell Driver Reset Tool
Dell Media Experience
Dell Picture Studio v3.0
DellConnect
DellSupport
Destinations
DeviceFunctionQFolder
DeviceManagementQFolder
DiskeeperServer
DocProc
DocumentViewer
DocumentViewerQFolder
eSupportQFolder
Family Tree Maker 2006
Fax
FullDPAppQFolder
Garmin Communicator Plugin
Garmin USB Drivers
GdiplusUpgrade
Glary Utilities 2.15.0.738
Google Toolbar for Internet Explorer
Google Update Helper
Hallmark Card Studio 2010
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Document Viewer 5.3
HP Extended Capabilities 5.3
HP Image Zone 5.3
HP Imaging Device Functions 5.3
HP Print Diagnostic Utility
HP Product Detection
HP PSC & OfficeJet 5.3.B
HP Solution Center & Imaging Support Tools 5.3
HPProductAssistant
InstantShareDevices
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet for Wired Connections
Internet Explorer Default Page
J2SE Runtime Environment 5.0 Update 9
Jasc Paint Shop Photo Album 5
Jasc Paint Shop Pro Studio, Dell Editon
Java Auto Updater
Java(TM) 6 Update 18
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
Logitech Legacy USB Camera Driver Package
Logitech QuickCam
Logitech QuickCam Driver Package
Logitech Updater
Malwarebytes' Anti-Malware
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 SR-1 Premium
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows XP Video Decoder Checkup Utility
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NewCopy
OpenOffice.org 3.2
PanoStandAlone
PhotoGallery
ProductContext
QuickTime
RandMap
Readme
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
SkinsHP1
Skype Toolbars
Skype™ 4.2
SolutionCenter
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
Sonic_PrimoSDK
SoundMAX
Spelling Dictionaries Support For Adobe Reader 8
Status
TrayApp
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
URGE
WeatherBug
WeatherBug Browser Bar - powered by MyWebSearch
WebCyberCoach 3.2 Dell
WebFldrs XP
WebReg
Windows Defender Signatures
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows PowerShell(TM) 1.0
Windows XP Service Pack 3
WinZip
WordPerfect Office 12
Yahoo! Auto Outlook Import
Yahoo! Search Protection

==== End Of File ===========================

Hi nanabarb,

First i need you to go to:

• Start (windows icon bottom left corner of screen)
• Control panel
• Add/Remove programs

J2SE Runtime Environment 5.0 Update 9
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
WeatherBug
WeatherBug Browser Bar - powered by MyWebSearch

• Uninstall all of the above
• Reboot PC

Then Please hold the Windows key (the one with the Windows icon located on bottom left of Keyboard) and the "R" key > and copy/paste the bold writing regedit /e C:\regback.reg to the diagloge box and hit enter.
Please wait untill your loading icon (hour glass/spinning circle) finishes before continuing.

Please Disable all Anti-virus/Anti-Spyware/FireWall on your machine(instructions via links below)

• Anti Virus
• Anti Spyware
• Firewall

Please download OTM by OldTimer. Save it to your desktop.

Double click OTM.exe to start the tool.

• Copy the text between the dotted lines below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

   

  ----------------------------------------------------------------------

  :processes
  explorer.exe
  
  :drivers
  Symantec Core LC
  
  :files
  C:\Program Files\Common Files\Symantec Shared
  C:\Program Files\AWS
  c:\program files\reggenie
  
  :reg
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8EAB99C1-F9EC-4b64-A4BA-D9BCAE8779C2}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\InternetExplorer\Toolbar]
  "{BA52B914-B692-46c4-B683-905236F6F655}"=-
  "{8EAB99C9-F9EC-4b64-A4BA-D9BCAE8779C2}"=-
  "{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}"=-
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "Weather"=-
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\currentversion\Run]
  "RegGenie Scheduler"=-
  
  :commands
  [start explorer]
  [emptytemp]
  [reboot]
  

  ---------------------------------------------------------------------

  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTM
  
  Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

   

  If the machine reboots, the Results log can be found here:

  c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

  Where mmddyyyy_hhmmss is the date of the tool run.

  Please post the OTM log back and please let me know how the system is now running.

  Thanks,
  K27.

I started the processes you ask me to to but ran into a problem.  When I went to the Control Panel-Add and Remove Programs.  I was able to un-install all programs except the WeatherBug Browser Bar.  The following error message came up: RUNDLL -  Error loading C:\PROG\MY WEBS\bar\3.bin\w6bar.dll.  The specific module could not be found.  I probably will finish the rest of the processes Monday or Tuesday.  Let me know if there is some other way I can un-install the WeatherBugBrowser Bar.

nanabarb,

The WeatherBug Browser bar was more than likely removed with Weather Bug, even if it wasn't, then the script for the next tool will take it out.

Please proceed with running OTM and post the results back when done.

Thanks,
K27.

One more question before I do the OTM?  Since I don't know or understand what I am doing is there a possibility that I can crash the computer if I make a mistake while doing the OTM.  I don't want to lose anything I have on the computer at the present time.   I have read the instructions carefully and will do that again before doing the OTM.  Hope you understand and I appreciate you putting up with me.

Hi nanabarb,

Your Welcome and its no problem at all.

There is nothing in the OTM script that should kill the system and if the tool is run incorrectly, it will just produce a error in the log that is provided, if one even appears when run incorrectly.

 That said, You are right to be cautious, when dealing with Malware it can some times be hit and miss as to what will happen when we try to remove it, if you have not done so already; Please backup anything you can not bear to lose, but you will be fine.

In very rare cases where the system becomes unbootable, there are ways to get you up and running again. as long as you follow the instructions and do not try self cleaning while we are working together, you will be OK.

Thanks,
K27.

No problem,

Thank You for letting me know.

Thanks for you reply.  If it is okay with you, it may be a day or more before I do the OTM as I do have items, etc. that I want to back up and also have a doctor's appt, etc.  I will get back to you with the report in the next few days. 

I apologize for not getting back to you sooner but I think I need to explain something to you.  I have been diagnosed with cancer and am on oral chemo.  Some days, I am not too alert, etc. due to the oral chemo along with some other side effects.  I haven't felt like attempting to do what you have requested.  I am thinking about asking someone to come and do it for me.  I do wish there was a way that someone could come in on the computer and do what  you have asked me to do.  I hope you understand and I do so much want to get the computer straightened out.  Please be patient with me,  I will get it done one way or another.