"Error loading E6F1873B.DLL" at start-up, sometimes causing continuous rebooting

Please install and use HijackThis per the following instructions:

- Download HijackThis 1.99.1

- Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

- Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

- Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

- Run HijackThis and save your log file.

- Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).

 

You must only use one antivirus program. I see McAfee and Avast items in your log. Pick the one your prefer and removal the other.

You still have problems. That's the reason why everyone does not analyze their own logs. They have no idea what they are looking for. And while automatic analyzers have gotten better they are far from perfect and they do not tell you how to actually fix the problems. It is not always that straight forward.

First disable Spybot's Teatime because it can get in the way during cleanup.

To disable TeaTimer, run Spybot and click Mode and select Advanced Mode. Then click Tools and select Resident. Now in the right window pane, uncheck TeaTimer.
Also while this is open, in the left column now select IE Tweaks and then in the right pane make sure all the Miscellaneous locks are unchecked.
Now quit Spybot!

If you are using WinXP or WinMe, make sure you have system restore disabled (per the tutorial).
For all OS types, make sure viewing of hidden files is enabled (per the tutorial).

Please run HijackThis and click on the "Open the Misc Tools Section" button on the open page. Then select "Open process manager" on the left-hand side. Look for the following process (or processes) and one at a time kill them by selecting it and then click "Kill process". Then click yes.
C:\WINNT\system32\devmgr78.exe

After killing all the above processes, click "Back".
Then please click "Scan" and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {30FD3E0A-B84C-789E-8750-60550887723D} - (no file)
O4 - HKLM\..\Run: [A70F6A1D-0195-42a2-934C-D8AC0F7C08EB] rundll32.exe E6F1873B.DLL,D9EBC318C
O4 - HKLM\..\Run: [09071c61d176] C:\WINNT\system32\d3dxof09.exe
O4 - HKLM\..\Run: [Uninstall_TBPS] C:\WINNT\Temp\TBuninst.exe /remove
O4 - HKLM\..\Run: [Uninstall_WinTools] C:\WINNT\Temp\WTuninst.exe /remove
O4 - HKLM\..\Run: [540432c9d421] C:\WINNT\system32\devmgr78.exe
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) -

After clicking Fix, exit HJT.
Boot into safe mode and use Windows Explorer to delete:
C:\WINNT\system32\E6F1873B.DLL
C:\WINNT\system32\devmgr78.exe
C:\WINNT\system32\d3dxof09.exe
C:\WINNT\Temp\TBuninst.exe

If you get an error when deleting a file. Right click on the file and check to see if the read only attribute is checked. If it is, uncheck it and try again. Other wise open Task Manager and kill the process if running then delete the file.

Now run Ccleaner (installed while running the READ ME FIRST).

Now we need to Reset Web Settings:
1) If you have an Internet Explorer icon on your Desktop, goto step 2. If not, skip to step 3.
2) Now right click on your desktop Internet Explorer icon and select Properties. Then click the Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK. Then skip step 3.
3) If you do not have an Internet Explorer icon on your Desktop, click Start, Control Panel (for some systems it may be Start, Settings, Control Panel), Internet Options, Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK.

Now reboot in normal mode and post a new HJT log. And tell us how things are working.

 

Please do not post HJT logs inline. They will normally be deleted.

Are your saying these folders do not exit:
D:\McAfee VirusScan 6.0
C:\Program Files\McAfee\McAfee Shared Components

Are you also saying you no longer have the below installed:
O23 - Service: Speed Disk service - Symantec Corporation - D:\Norton Speed Disk\nopdb.exe


Have HJT fix the below lines and delete the folders if they exist:

O4 - HKLM\..\Run: [Alogserv] D:\McAfee VirusScan 6.0\alogserv.exe
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR

 

Yes! It was clean but do not post logs inline. They will be deleted.

You should now follow the steps in: How to Protect yourself from malware!

 

Re: sorry

Posting is fine but they must be attached! You're welcome.

Make sure you follow the steps in the link I just gave to you.

 

Not true! It is a great program. I use it all the time. No problems.

Just don't use the registry fix stuff. No programs like that are truly safe. But if you do a backup of your registry first it is still not a problem.

 

Re: CCleaner

You're welcome. Surf safely.