I think I need help...

Discussion in 'Malware Help (A Specialist Will Reply)' started by tmgenterprises, Dec 5, 2007.

  1. tmgenterprises

    tmgenterprises Private E-2

    I've been getting a message about the obfuskated downloader from AVG like some others. I have gone through the sticky notes and done everything they said. My computer is better than it was but is still shutting down all of a sudden. Works fine when I'm not online though. AVG antispyware and Spybot S&D both come up clean as of a few minutes ago but I want to be sure I got everything.

    If someone could check out my logfiles and tell me what I need to fix? I don't know which is which in HJT and don't want to screw things up. I'm hoping to get this fixed and not have to reformat.

    Thanks.
     

    Attached Files:

  2. tmgenterprises

    tmgenterprises Private E-2

    More logs to go with previous post

    I appreciate any help!
     

    Attached Files:

  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please use add/remove programs to uninstall:
    Java 2 Runtime Environment, SE v1.4.2_03
    Reboot and install:
    Java Runtime 6

    Please disable all anti-virus and anti-spyware programs while we do the following:

    Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    NOTE: HJT may popup an error about the AppInit_DLLs line. Ignore it and click OK to continue.

    After clicking Fix, exit HJT.

    Now copy the bold text below to Notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.


    Sophos Anti-Rootkit
    will scan your computer for files that have been hidden using rootkit technology.

    Many of the newer malware infections use this technology to hide themselves and to make them more difficult to remove.

    Installation
    Download Sophos Anti-Rootkit 1.1 and save to a location you will be able to find such as your desktop

    Run sarsfx.exe by double clicking on it.

    Click Accept to agree to the EULA

    Click Install (if you wish to change the default installation location do so here but remember where you install to, the default is C:\SOPHTEMP)

    Once it finishes copying files, exit the installer
    Running the scan
    Navigate to the location that you installed the software to (Default: C:\SOPHTEMP)

    Run sargui.exe by double clicking on it.

    Ensure that all three of the options are checked

    Click Start Scan

    Once the scan is complete, close Sophos Anti-Rootkit by closing the scan window and clicking Exit in the main window

    DO NOT CLICK 'CLEAN UP CHECKED ITEMS' OR ATTEMPT TO HAVE SOPHOS ANTI-ROOTKIT FIX ANYTHING UNLESS SPECIFICALLY INSTRUCTED TO IN THE THREAD YOU ARE WORKING ON
    Finding the logs
    Click on Start --> Run

    Type in %TEMP%\sarscan.log and press enter

    The log file will open in the default editor (probably Notepad)

    Click File --> Save As and save the file to your desktop or other location for easy retrieval.

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this and Please attach the sarscan log and:
     
  4. tmgenterprises

    tmgenterprises Private E-2

    Thanks for the help...I really appreciate it. I hate having to reformat. I am attaching the mgtools.zip but the Sophos was clean...no items to fix.

    I did figure one thing out and perhaps you can advise if I need to do more. Windows Defender keeps making comments about a known application making changes for 3 items. One of them I noticed in the HJT logs so I did a little research. Since updating IE to 7, the ctfmon.exe has been running. I disabled it through the control panel according to directions I found. The other things Windows Defender keeps referring to are:

    C:\WINDOWS\system32\drivers\ATWPT2.SYS
    and
    C:\ProgramFiles\WindowsDefender\MpCmdRun.exe

    Do you know if those are related to the first thing or not? I had read that ctfmon.exe could cause the problems I'm having with the extremely slow boot and shut down and sudden shut down issues.

    Thanks again!
     

    Attached Files:

  5. tmgenterprises

    tmgenterprises Private E-2

    Additional info from this morning...

    Windows Defender is still giving me two more messages, both "a system change was made by a known application":

    C:\ProgramFiles\Windows Defender\MpCmdRun.exe
    C:\WINDOWS\system32\drivers\ATWPKT.SYS

    Also, tried twice to run Spybot S&D scan and both times froze PC...had to use reset button to shut down and reboot.

    Arghhhhhhhh...I hope all the malware creators get fleas in very private places!
     
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    MpCmdRun.exe is related to Defender's Command Line Utility and real-time monitoring component which is required for updating the program's signature definitions. MpCmdRun.exe scans for the availability of new signatures from the Microsoft site and then initiates the updating process as new ones become available. During the process MpCmdRun.exe will perform DNS queries to determine the exact IP address before connecting. In order to accomplish this task, the component must have frequent access to the Internet and thus, you may get an alert from your firewall.

    ATWPT2.SYS --- AOL driver that is needed.

    * Click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'.
    * On the page that opens, scroll down to Aim Version 6
    * then right click the entry, select Properties and press Stop Service.
    * When it shows that it is stopped, next please set the Start-up Type to 'Disabled'.
    Now do the same for AOL Update Manager
    * Click OK until you get back to Windows.

    * Next, run HJT, but instead of scanning, click on the None of the above, just start the program button at the bottom of the choices.
    * At the lower right, click on the Config button
    * Then click the Misc tools button
    * Select Delete an NT Service
    * Copy/paste Aim_6 into the box that opens, and press OK
    * If you receive any error messages just ignore them and continue.
    Now do the same for AOL_Hosts
    * Now exit HJT.
    Reboot if needed.

    Your system is clean!
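The steps in the reply above (stop the AOL services, set them to Disabled, then delete the service registrations, and decide whether the Defender and driver files are legitimate) can be done from an elevated PowerShell prompt instead of services.msc and HJT. The script below is an added example, not code from the thread, from MajorGeeks or from the tools named in it. The service names Aim_6 and AOL_Hosts and the two file paths come from the thread; the -Disable switch, the $paths list and the Authenticode signature check are this example's own additions (the thread does not ask for a signature check, it is included as the check a responder would want before calling a driver "needed"). It assumes Windows PowerShell 5.1 or later and administrator rights.

```powershell
# Added example (not from the thread): inspect and optionally remove the AOL services
# named in the reply, and report on the files Windows Defender flagged.
# Assumes an elevated PowerShell 5.1+ session. -Disable is this example's own switch;
# without it the script only reports and changes nothing.
param(
    [switch]$Disable
)

# Service names exactly as given in the reply.
$serviceNames = @('Aim_6', 'AOL_Hosts')

foreach ($name in $serviceNames) {
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$name'"
    if (-not $svc) {
        Write-Output "$name : not present (nothing to do)"
        continue
    }
    # Record state, start mode and the binary path before touching anything,
    # so the log shows what was on the machine.
    Write-Output ("{0} : State={1} StartMode={2} Path={3}" -f `
        $svc.Name, $svc.State, $svc.StartMode, $svc.PathName)

    if ($Disable) {
        if ($svc.State -eq 'Running') { Stop-Service -Name $name -Force }
        # Equivalent of setting Start-up Type to 'Disabled' in services.msc.
        Set-Service -Name $name -StartupType Disabled
        # Equivalent of HJT's "Delete an NT Service": removes the registration.
        sc.exe delete $name | Out-Null
        Write-Output "$name : stopped, disabled and deleted"
    }
}

# Files Windows Defender reported in the thread. Existence, version info and the
# Authenticode signature status are what a responder checks before accepting a
# driver as legitimate; an unsigned driver in System32\drivers deserves a closer look.
$paths = @(
    "$env:SystemRoot\System32\drivers\ATWPT2.SYS",
    "$env:ProgramFiles\Windows Defender\MpCmdRun.exe"
)
foreach ($p in $paths) {
    if (Test-Path $p) {
        $sig = Get-AuthenticodeSignature -FilePath $p
        $ver = (Get-Item $p).VersionInfo
        Write-Output ("{0} : Signature={1} Signer={2} Company={3}" -f `
            $p, $sig.Status, $sig.SignerCertificate.Subject, $ver.CompanyName)
    } else {
        Write-Output "$p : not found"
    }
}
```

Run it once without -Disable to see what is present, then with -Disable only for the services the responder has identified; the report step is deliberately separate so nothing is removed on a first pass.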
     
