I am just a Mess

What are your current problems? I do see somethings but I want to know what problems you are currently having.

 

Did you make the fix to Spybot's All products bug per the directions in the READ ME? If so, try the fix again. It seems to have ignored the newdotnet infection.

Also did you do step 0 (zero). You have items that should have been uninstalled.

WhenUSave
New.net Startup
WinTools

 

You also have Kazaa install! Possible the root cause of many of your problems.

 

You appear to be way out of date with your Windows Updates. After we fix your current problems you must get updated.

Look in Add/Remove programs for any of the below and uninstall if found:
BestOffers or BestOffers Shopping BHO or ActivShop or e-zshopper
CC2KUI or Comet Cursor Plus
DownloadWare
Kazaa
MediaLoads or MediaLoads Installer
NewDotNet
WhenUsave or WhenU
WinTools

I would also suggest running this tool: KazaaBegone

Some items I mention below may no longer be found after doing the above. Just continue with all steps!

If you are using WinXP or WinMe, make sure you have system restore disabled (per the tutorial).
For all OS types, make sure viewing of hidden files is enabled (per the tutorial).

Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
O2 - BHO: BestOffers Shopping BHO - {F5DE8ADB-4A69-4e56-96AB-823171C8E9D8} - C:\PROGRAM FILES\TBONAS\TBONLCHR.DLL
O3 - Toolbar: BestOffers Shopping v1.20 - {7FD44536-9DF0-4034-939F-5BD4D98E3187} - C:\PROGRAM FILES\TBONAS\TBONLCHR.DLL
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WINTOOLS\WTOOLSA.EXE
O4 - HKLM\..\Run: [KAZAA] C:\PROGRAM FILES\KAZAA\KAZAA.EXE /SYSTRAY
O4 - HKLM\..\Run: [MediaLoads Installer] "C:\Program Files\DownloadWare\dw.exe" /H
O4 - HKLM\..\Run: [CC2KUI] C:\PROGRA~1\COMET\BIN\CSTRAY.EXE
O4 - HKLM\..\Run: [DownloadWare] "[ProgramFiles]\DownloadWare\dw.exe" /H
O4 - HKLM\..\Run: [WhenUSave] C:\PROGRA~1\SAVE\Save.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup
O4 - HKLM\..\RunServices: [WinTools] C:\PROGRA~1\COMMON~1\WINTOOLS\WTOOLSA.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone: *.popuppers.com

After clicking Fix, exit HJT.
Boot into safe mode and use Windows Explorer to delete:
C:\Program Files\TBONAS <--- the whole folder
C:\Program Files\Common Files\WINTOOLS <--- the whole folder
C:\Program Files\KAZAA <--- the whole folder
C:\Program Files\DownloadWare <--- the whole folder
C:\Program Files\COMET <--- the whole folder
C:\Program Files\SAVE <--- the whole folder
C:\Program Files\NEWDOT~1 <--- the whole folder

If you get an error when deleting a file. Right click on the file and check to see if the read only attribute is checked. If it is, uncheck it and try again. Other wise open Task Manager and kill the process if running then delete the file.

Now run Ccleaner (installed while running the READ ME FIRST). Now if running Win XP goto c:\windows\Prefetch and delete all files in this folder.

Now we need to Reset Web Settings:
1) If you have an Internet Explorer icon on your Desktop, goto step 2. If not, skip to step 3.
2) Now right click on your desktop Internet Explorer icon and select Properties. Then click the Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK. Then skip step 3.
3) If you do not have an Internet Explorer icon on your Desktop, click Start, Control Panel (for some systems it may be Start, Settings, Control Panel), Internet Options, Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK.

Now reboot in normal mode and post a new HJT log. And tell us how things are working.

 

It would have been better to have waited until all malware was removed (as stated) before updating.

What do you want you home page to be? If you try to reset it, you have to allow the change to occur. You have Spy Sweeper installed. Programs like this will normally popup and tell you about the change being made. If you do not okay the change it will obviously not be made.

Oops! I was think of a different name than peoplepc. We need to fix that baddie.

 

I guess you missed the last line that I added to the previous message!

Here is the fix.

First look in Add/Remove programs and uninstall the below if found:
PeoplePC or PeoplePal Toolbar

Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.peoplepc.com/websearch
O2 - BHO: PeoplePal Toolbar - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - C:\PROGRAM FILES\PEOPLEPC\TOOLBAR\PPCTOOLBAR.DLL
O3 - Toolbar: PeoplePal Toolbar - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - C:\PROGRAM FILES\PEOPLEPC\TOOLBAR\PPCTOOLBAR.DLL
O16 - DPF: {3B02AAA2-327C-40ED-A849-4BE819AE5385} (ImgSizer Control) - file://C:\WINDOWS\TEMP\~DlfnTmp0\imgSizer.ocx

After clicking Fix, exit HJT.
Boot into safe mode and use Windows Explorer to delete
C:\PROGRAM FILES\PEOPLEPC <--- the whole folder

Now we need to Reset Web Settings:
1) If you have an Internet Explorer icon on your Desktop, goto step 2. If not, skip to step 3.
2) Now right click on your desktop Internet Explorer icon and select Properties. Then click the Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK. Then skip step 3.
3) If you do not have an Internet Explorer icon on your Desktop, click Start, Control Panel (for some systems it may be Start, Settings, Control Panel), Internet Options, Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK.

Now reboot in normal mode and post a new HJT log. And tell us how things are working.

 

Well that was why I at first ignored it but see the below, links about it.

http://vil.nai.com/vil/content/v_136377.htm
http://www.castlecops.com/tk1272-PPCToolbar_dll.html
http://www.spywaredata.com/spyware/malware/ppctoolbar.dll.php

However obviously PeoplePC denies any problems:
http://home.peoplepc.com/peoplepal/faq.asp#spyware

My opionion:
- You don't need the toolbar anyway but you are the one that should really decide if you use the features on it.
- And who are they to choose your home page

 

What do you mean by the above? Are you shutting of the computer by pulling the power plug?

Or do you mean if your PC has been unplugged completely while shutdown that you have more problems at power up? Is the battery for your System BIOS okay? Do you get messages about checksum errors or about setup needing to be run? Is your Clock loosing time & date?

Either way I do not believe your issues are malware related.

 

If you only try booting into safe mode, does it show any of these problems.

And when it is frozen how long are you waiting before you decide to reboot it. With antivirus, antispyware, and firewall programs loading at startup (all required) it will sometime cause some temporary appearance of freezing.