Hello need help and I saw this forum and was hoping someone could. I keep getting reidirected to different websites so I google that and found a thread on this site that helped but I am a novice and don't know exactly how to fix my problem. Another problem I have is sometimes get a window saying Server Busy then there is an option to switch to or retry. when I click switch to the start menu opens then when I close the start menu the server busy message sometimes goes away and sometimes it stays.What gives?

The thread I read someone mention to go to majorgeeks and download Malwarebytes so I did and after scanning this is what I got...

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5642

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

1/30/2011 10:06:18 PM
mbam-log-2011-01-30 (22-06-12).txt

Scan type: Full scan (C:\|D:\|F:\|)
Objects scanned: 260559
Time elapsed: 3 hour(s), 45 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 13
Files Infected: 24

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\WINDOWS\system32\wineay32.dll (Trojan.Nebuler) -> No action taken.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wineay32 (Trojan.Nebuler) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\adssite (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\HID_Layer (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Simple (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.

Folders Infected:
c:\documents and settings\Owner\application data\adssite advanced toolbar (Adware.AdRotator) -> No action taken.
c:\program files\myglobalsearch (Adware.MyWebSearch) -> No action taken.
c:\program files\myglobalsearch\bar (Adware.MyWebSearch) -> No action taken.
c:\program files\myglobalsearch\bar\1.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\myglobalsearch\bar\Cache (Adware.MyWebSearch) -> No action taken.
c:\program files\myglobalsearch\bar\History (Adware.MyWebSearch) -> No action taken.
c:\program files\myglobalsearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
c:\program files\MyWay (Adware.MyWebSearch) -> No action taken.
c:\program files\MyWay\myBar (Adware.MyWebSearch) -> No action taken.
c:\program files\MyWay\myBar\1.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\MyWay\myBar\Cache (Adware.MyWebSearch) -> No action taken.
c:\program files\MyWay\myBar\History (Adware.MyWebSearch) -> No action taken.
c:\program files\MyWay\myBar\Settings (Adware.MyWebSearch) -> No action taken.

Files Infected:
c:\WINDOWS\system32\wineay32.dll (Trojan.Nebuler) -> No action taken.
c:\documents and settings\Owner\application data\adssite advanced toolbar\advertbuttons.xml (Adware.AdRotator) -> No action taken.
c:\documents and settings\Owner\application data\adssite advanced toolbar\selected.xml (Adware.AdRotator) -> No action taken.
c:\program files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
c:\program files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR (Adware.MyWebSearch) -> No action taken.
c:\program files\myglobalsearch\bar\Cache\0036DF0E (Adware.MyWebSearch) -> No action taken.
c:\program files\myglobalsearch\bar\Cache\006D850C.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\myglobalsearch\bar\Cache\006D87AC.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\myglobalsearch\bar\Cache\006D88D5.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\myglobalsearch\bar\Cache\019BD707 (Adware.MyWebSearch) -> No action taken.
c:\program files\myglobalsearch\bar\Cache\files.ini (Adware.MyWebSearch) -> No action taken.
c:\program files\myglobalsearch\bar\History\search (Adware.MyWebSearch) -> No action taken.
c:\program files\myglobalsearch\bar\Settings\prevcfg.htm (Adware.MyWebSearch) -> No action taken.
c:\program files\MyWay\myBar\1.bin\MY2NS.EXE (Adware.MyWebSearch) -> No action taken.
c:\program files\MyWay\myBar\1.bin\mywaypluginproxy.class (Adware.MyWebSearch) -> No action taken.
c:\program files\MyWay\myBar\1.bin\PARTNER.BMP (Adware.MyWebSearch) -> No action taken.
c:\program files\MyWay\myBar\1.bin\PARTNER.DAT (Adware.MyWebSearch) -> No action taken.
c:\program files\MyWay\myBar\1.bin\PARTNER2.DAT (Adware.MyWebSearch) -> No action taken.
c:\program files\MyWay\myBar\Cache\00036FC2 (Adware.MyWebSearch) -> No action taken.
c:\program files\MyWay\myBar\Cache\000426CE (Adware.MyWebSearch) -> No action taken.
c:\program files\MyWay\myBar\Cache\000A2AE7 (Adware.MyWebSearch) -> No action taken.
c:\program files\MyWay\myBar\Cache\files.ini (Adware.MyWebSearch) -> No action taken.
c:\program files\MyWay\myBar\History\search (Adware.MyWebSearch) -> No action taken.
c:\program files\MyWay\myBar\Settings\prevcfg.htm (Adware.MyWebSearch) -> No action taken.

Hi, bizarre, as a first step, if you still have that MBAM scan result page active, ENSURE that EVERYTHING found has a CHECKMARK against it, then click Remove Selected. They are all bad entries.
MBAM will pop a fresh log for you. If MBAM has been closed, redo the quick scan and Remove Selected.
Then....
Download gmer.zip from http://www.majorgeeks.com/GMER_d5198.html ...or the exe from http://www.gmer.net/download.php
-dclick on gmer.zip and unzip the file to its own folder or to your desktop.
==Download DDS by sUBs and save it to your Desktop. http://download.bleepingcomputer.com/sUBs/dds.scr
Upon completion, a Dialog Box should open instructing you to save and post the TWO resulting logs (DDS.txt & Attach.txt).

-disconnect from the Internet and close all running programs.
-dclick Gmer.exe to start it; wait for the intial scan to complete [a few seconds]. Press the Copy button, open Notepad and paste into it.
-place checkmarks ONLY at IAT/EAT, Devices, Modules, Processes, Threads; click the Scan button and wait for the scan to finish (do not use your computer during the scan).
-again press the Copy button, paste into that Notepad.
Paste both the DDS.txt and the DDS Attach.txt into your post for assistance, along with the GMER logs and that MBAM log.
Most likely a moderator will then move your thread over to Virus and Spyware Forum.

Alright I took a while because my computer is running slow but I did it.
Here is the MBAM log after I REMOVE SELECTED.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5642

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

1/30/2011 10:39:56 PM
mbam-log-2011-01-30 (22-39-56).txt

Scan type: Full scan (C:\|D:\|F:\|)
Objects scanned: 260559
Time elapsed: 3 hour(s), 45 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 13
Files Infected: 24

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\WINDOWS\system32\wineay32.dll (Trojan.Nebuler) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wineay32 (Trojan.Nebuler) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\adssite (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\HID_Layer (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Simple (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Folders Infected:
c:\documents and settings\Owner\application data\adssite advanced toolbar (Adware.AdRotator) -> Quarantined and deleted successfully.
c:\program files\myglobalsearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\myglobalsearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\myglobalsearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\myglobalsearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\myglobalsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\myglobalsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWay (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWay\myBar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWay\myBar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWay\myBar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWay\myBar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWay\myBar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Infected:
c:\WINDOWS\system32\wineay32.dll (Trojan.Nebuler) -> Delete on reboot.
c:\documents and settings\Owner\application data\adssite advanced toolbar\advertbuttons.xml (Adware.AdRotator) -> Quarantined and deleted successfully.
c:\documents and settings\Owner\application data\adssite advanced toolbar\selected.xml (Adware.AdRotator) -> Quarantined and deleted successfully.
c:\program files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\myglobalsearch\bar\Cache\0036DF0E (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\myglobalsearch\bar\Cache\006D850C.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\myglobalsearch\bar\Cache\006D87AC.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\myglobalsearch\bar\Cache\006D88D5.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\myglobalsearch\bar\Cache\019BD707 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\myglobalsearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\myglobalsearch\bar\History\search (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\myglobalsearch\bar\Settings\prevcfg.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWay\myBar\1.bin\MY2NS.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWay\myBar\1.bin\mywaypluginproxy.class (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWay\myBar\1.bin\PARTNER.BMP (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWay\myBar\1.bin\PARTNER.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWay\myBar\1.bin\PARTNER2.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWay\myBar\Cache\00036FC2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWay\myBar\Cache\000426CE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWay\myBar\Cache\000A2AE7 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWay\myBar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWay\myBar\History\search (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWay\myBar\Settings\prevcfg.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Here is the DDS
DDS (Ver_10-12-12.02) - NTFSx86
Run by Stiles at 0:58:33.04 on Mon 01/31/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.638.120 [GMT -5:00]

AV: Norton AntiVirus *Enabled/Outdated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton AntiVirus *Enabled*

============== Running Processes ===============

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Verizon\VSP\ServicepointService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Wireless Optical Mouse\MOffice.exe
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Wireless Optical Mouse\MOUSE32A.EXE
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Documents and Settings\Stiles\Desktop\dds.scr

============== Pseudo HJT Report ===============

uInternet Connection Wizard,ShellNext = hxxp://rightonadz.biz/bc/123kah.php
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: Wisdom-soft toolbar: {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - c:\program files\wisdom-soft\tbWisd.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Veoh Browser Plug-in: {d0943516-5076-4020-a3b5-aefaf26ab263} - c:\program files\veoh networks\veoh\plugins\reg\VeohToolbar.dll
TB: Wisdom-soft toolbar: {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - c:\program files\wisdom-soft\tbWisd.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [osCheck] "c:\program files\norton antivirus\osCheck.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [FLMOFFICE4DMOUSE] c:\program files\wireless optical mouse\MOffice.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [basicsmssmenu] "c:\program files\seagate\basics\basics status\MaxMenuMgrBasics.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Verizon_McciTrayApp] "c:\program files\verizon\McciTrayApp.exe"
mRun: [VerizonServicepoint.exe] "c:\program files\verizon\vsp\VerizonServicepoint.exe" /AUTORUN
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxps://activatemyfios.verizon.net/sdcCommon/download/FIOS/Verizon%20FiOS%

I am having trouble posting the logs I think maybe because it is so long...

I added the attachment because I was unable to post it directly for some...

Here is the Attach text..

The two scans the intial Gmer and the one after just checking IAT/EAT, Devices, Modules, Processes, and Threads.
Again I apprecaite you help me I have no idea what I am doing.

Cool, bizarre, and thanks.
==Download tdsskiller from this link, save it to your desktop:
http://support.kaspersky.com/downloads/utils/tdsskiller.exe -you may need to download it to a clean computer and then transfer it to the desktop using a USB flash drive.
Start TDSSKiller via this command, NOT the icon:
"%userprofile%\desktop\tdsskiller.exe" -l C:\tdssrpt.txt <==paste this into Start, Run...
- click Scan. If TDSSKiller finds a rootkit and prompts a Cure then press Continue [a reboot may be required]; press Continue also on Skip prompt. Do not delete or quarantine any files.
Post the log from C:\.

You must choose between AVG and Symantec. Running two active AV services is less than a bad idea. You are paying for Symantec, and recently they have been getting much better reviews with their new software, I'd keep that one and uninstall AVG. That may not be easy, you might require the uninstall tool from their site. I suggest you use it anyway.
You can remove any of those toolbars from Add/Remove Pgms [Google, Wisdom].
JAVA Update:
Download JavaRa: http://sourceforge.net/projects/javara/files/javara/JavaRa/JavaRa.zip/download ; Unzip, and dclick JavaRa.exe. In the box that pops press Search for Update [select Using jucheck.exe]; when updating completes then press Remove Older Versions.
Update, and rerun MBAM, post that log.

I think this is the log after I click continue and I reboot i am done right I just post this log?

Ok I just updated Java and removed older versions. I am going to remove AVG and do MBAM scan

I have a question about removing AVG it says uninstall AVG 2011 then there is a selection Remove user settings and include objects in virus vault. do I check both?
Also I have AVG PC Tuneup 2011 do I have to uninstall that too??

"there is a selection Remove user settings and include objects in virus vault. do I check both?" Yes, you should.
TDSSKiller required a restart at some stage to remove a found rootkit. No other action is required by you for that. You may have already restarted.
AVG PC Tuneup 2011 - you may leave that on your sys, it is unrelated to the AV service.

www.malwarebytes.org

Database version: 5642

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

1/31/2011 5:57:58 PM
mbam-log-2011-01-31 (17-57-58).txt

Scan type: Full scan (C:\|D:\|F:\|)
Objects scanned: 254583
Time elapsed: 3 hour(s), 11 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Much better. You might run these, the first is a general, configurable cleaner; next choose one of the online scanners.
Firstly, get CCleaner from http://www.ccleaner.com/ - and install it in a new folder. You should keep this one for general use. I set the installation checkboxes only to Open and Run from the recycle bin. It's neater that way.
Now run CCleaner from the recycle bin rclick menu using its default settings [if you set up CCleaner as i suggested, rclicking the bin icon should give you the Open CCleaner option...].
If you have FireFox open the Applications tab and ensure at least that Cookies and Cache are checked.
Select the Cleaner icon, press Run Cleaner.
Run CCleaner in any other Accounts.
Lastly, run one of these:
==Pandasoftware ActiveScan using IE or Firefox from http://www.pandasecurity.com/activescan/index/
==Bitdefender Online Scan using IE only: http://www.bitdefender.com/scanner/online/free.html
- post the results, please.

BitDefender Online Scanner - Real Time Virus Report

Generated at: Tue, Feb 01, 2011 - 20:27:22


--------------------------------------------------------------------------------

Scan Info

Scanned Files
504425

Infected Files
8


Virus Detected

Adware.Generic.145282
1

Gen:Variant.Kazy.5557
1

Java.Trojan.Downloader.OpenConnection.AI
4

Trojan.Generic.IS.562680
2


--------------------------------------------------------------------------------

This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.

I did the ccleaner scan before I did the bitdefender scan how do I post that log?

Hi, to post that BiDefender log...click the Detected Problems tab > select "Click here to export" the scan report.
Change the Save as type to Text (Tab Delimited) (*.txt), enter a filename and save. ATTACH the log via Advanced Post button.

Hi, to post that BiDefender log...click the Detected Problems tab > select "Click here to export" the scan report.
Change the Save as type to Text (Tab Delimited) (*.txt), enter a filename and save. ATTACH the log via Advanced Post button.

I go to save it and it only lets me save as (*.html) what gives?

Ok I think I got it.

That is possibly a bit heavy handed of BiDefender. The files it detected as malware etc were all files of AVG's PC Tuneup, as you can see. You will have to reinstall that pgm. IT is legit, I hope....
It looks like that wraps it up, your sys seems good to go. Cheers.

Ok great I uninstalled avg pc tune up. Again thank you for all your help I really appreciate it.