I'll try to finish you up. There are a lot of users with malware and fewer volunteers to help them!
Please run the Norton Removal Tool for the left over Norton Internet Security Suite Service:
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2005033108162039
After you have run that tool, check this and make sure the entry is either gone or disabled:
Open IE> Tools> Manage add-ons> there are 2 sections 1. add-ons currently used and 2. add-ons previously used> look in both sections for the Symantec Download Manager which may show as
symdlmgr> highlight the entry> Disable.
Once I have completed this process, will it be safe to back-up my data and application files (Word, Xcel, etc.) to an external drive for transfer to a new system if necessary.
Only if all the malware has been removed.
It appears that your router may not be installed or configured correctly due to this incomplete entry:
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = ?
There should also be an entry in 'running processes' but there is not. Please recheck the router installation.
I recommend you remove the Ask Bar. If it is listed as the default search engine, change that:
Internet Options> General tab> See 2/3 of the way down the section "change search defaults"? That's what you want. Click on the button "Settings" right next to that and you'll see:
Click on the small text link "find more providers" on the lower left corner> Choose Google.
(Note: AskBar might not be set as the default)
Reopen HijackThis to
do system scan only] and check the following entries if present:
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = ?
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = ?
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
Close all Windows except hijackThis and click on Fix Checked
Boot into Safe Mode
- Restart your computer and start pressing the F8 key on your keyboard.
- Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.
Start> Run> msconfig> enter> Selective Startup> Startup tab> Uncheck the following if present:
All Ask entries
All Symantec/Norton entries
Apply> OK
Control Panel> Add/Remove Programs> highlight any Ask entries> Uninstall
Then right click on Start> Explore> Programs> right click on any Askfolder> Delete.
Reboot the computer. Ignore and close the nag message you will get after checking 'don't show this message again.'
Please run a full system scan with AVG. Save the log and attach to your next reply.
Follow with new scan from HijackThis. Attach new logs.
Do any of the original problems still exists? Which?
Are there any new problems? What?
EDIT: You'll see this when you come back with the logs. We are glad to help and appreciate it when what we suggest is followed. And it can be a team effort if one member is more experienced in a particular system area.