I don't care too much for registry cleaners - often they do more harm than good and you'd be hard pressed to see any improvements after using them.
More and more people are infected by P2P stuff...

Great!

-- Did you adjust your security settings in IE to deal with the error message?

-- Let's remove Combofix and the files/folders it created:

• Click Start > Run
• Type or...

This is a known problem for many AV products - I think more to do with Security Center and Vista than the AV.

There are a few different programs available to reset Security Center, if you care to...

Great - Go ahead and delete those two files.
If you are more comfortable renaming c:\windows\system32\fbhco.dll to fbhco.OLD rather than deleting it, then do that.

The other one obviously needs...

It's probably just Vista being Vista....

If you haven't solved this already, you can try this:

-- Open an Elevated Command Prompt...

Happy to help - my worry is that I'll get sloppy when pressed for time and miss something.


Anyhoo, that log looks OK to me outside of a couple things.
I do not know what these are:
...

That's your call.

I'm sure sUBs would not release it at this point unless he was confident it was working properly - but again, there are no guarantees.

I would still like to get a handle on...

That is to be expected. Once we get this sorted out, we'll flush System Restore. Just ignore that for now - not going to hurt anything and it's good to have a restore point on hand if needed. Even an...

Yeah - that happens now and then. Usually due to a bad interaction with a piece of malware. Not sure if that's the case this time as I was away from compy for much of the weekend.
Go ahead and...

It is hard to say how you got infected - looks to me as though much was cleaned before you posted here.
A lot of times I see a ton of P2P clients/apps on infected compys. Also, could be some sort of...

Ok - it ran and cleaned the first time through. The only difference between that and the command I posted was the log output.

The second run was clean, so we're good there.

Hold off on that...

How did you run it wrong? Did it prompt you to delete anything?

The log you posted is clean - otherwise it would have shown something like "atapi.sys is infected by TDSS rootkit" and then cured...

There are a lot of good forums, but most are overwhelmed with requests for help and have few regular volunteers. Factor in the holidays and you might have quite a wait.
I have a friend who runs the...

Sorry for the late reply - really tied up with work these days.

Please try the following:

Click START > RUN > type cmd and hit OK
At the prompt Copy&Paste the complete text in Red below and...

Do you have any reason to suspect malware?


Let's try this:
-- Download DDS by sUBs (http://download.bleepingcomputer.com/sUBs/dds.scr) and save it to your Desktop
-- If your AV has a...

Well . . . That combofix log is ugly. You have some nasty rootkitted malware. Probably not responsible for the IE8 issues since other browsers work, but definitely more serious and worrisome....

...

Well, there is some malware showing in that log, so let's try this:

If you already have Combofix on your machine, DELETE it.
Then follow the instructions in the link below to download a fresh...

Sorry for the lack of replies - it's the holidays and most of the regular volunteers are pretty busy. That and most IE8 issues are hard to track down if not obviously due to malware....

Not sure...

^^^What she said!!

Actually, though, in your case I think a reformat was the right way to go - I was just a bit leery of the homemade XP CD.

Glad it all worked out OK :)

PP

Do you have a utility on the compy to burn recovery media from this partition? It would probably be START > All Programs > Tools or Accessories, if not obvious....

That would be best, if you are...

Do you need a second partition?

Is d:\ your original recovery partition?

You're not going to ruin anything. Worse comes to worse, you can buy a legit OS CD and use that.
All you are doing is wiping the hard drive - no worries. If you run into problems with your current...

I'd rather try a bootable recovery console, than the homemade XP CD, to be honest. Very leery of that.
With the recovery console, we could repair MBR and Boot.ini.
Unfortunately, my time is very...

Hang on for a bit and let me go over the thread and try to answer those questions :)

Will post them shortly.

HA! I know - same here!
Hey - at least I learned some things along the way about Vista and Laptop touchpad sensitivity....... I'm sure they will come in handy down the road for people with similar...

Well . . . . I didn't think of it either . . . .

Happy to have been of service :)

I feel a tinge of regret in saying this, but it appears the Ulysses of Daniweb threads has come to a close....

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:31:46, on 29/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
...

-- What do you mean by that - what happens when you try?
(tap F8 on restart)

-- Don't panic just yet :)
While a reformat is generally best in these cases, I suspect you may run into problems...

You're welcome :)

-- I was talking to a friend and she mentioned she had a similar problem with her laptop cursor jumping around and it was due to her touchpad.
In your control panel / mouse...

Yes - That is normal. No worries. Just let it run and delete the baddies it is unable to neutralize.

-- Can you attach that Zip from AVPTool for me please.

Since combofix can't run and MBAM...

That is not the proper procedure. We like to operate under the assumption that "an infected restore point is better than none at all" in the event that the repair process goes awry and we need to...

Did you reboot and try combofix?



If that doesn't work, let's try another powerful tool:
Please Download Kaspersky's AVP Tool (http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/)

--...

What's the setup.exe from?

At this point, I am not sure what to tell you - there are so many different areas to investigate that it would not really be feasible to do that in a forum setting.
The...

OK - Let's have a whack at this AVG:

Please download the attached RemAVG.zip and extract RemAVG.reg from the Zip to your desktop.
-- DoubleClick on RemAVG.reg and allow the contents to merge...

Great!

Now, do the Avenger step from post #57 and see if combofix will run.

Let me know how you fare.

PP:)

I am going to be away from the computer for a while, so I'll assume you were able to copy atapi.sys to C:\atapi.sys as in post #56.


If it is not still on the ill machine, please download The...

It may not allow you to do so. No worries - we'll do it a different way.

-- Open task manager and see if you can stop svchust.exe from running. Note the spelling.
Let me know.

-- Also, try...

I've got to run, so I'll assume you can get a command prompt.

Let's do this:

Open a command prompt and type the following exactly as I have posted it. Copy and paste would be better so you...

Well . . .I need to update that a bit LOL!

Anyhoo, I think it shows enough to get started.


Are you able to get a command prompt on the ill computer?
START > RUN > Type cmd OK

PP:)

Great - I'll post some removal steps late tonight or Monday to remove the AVG stuff from registry.

PP:)