I did run the uninstall from regular mode that is what it says to do in your reply I thought…
Yes it did have a USB keyboard hooked up to it, it is an Acer Aspire 3050 laptop with Windows XP…It is still locked into safe mode and the cursor will not move with the touchpad or the mouse…I have held down power for 5 sec twice but it still comes back the same…
OK Power off the computer, remove the battery for a few minutes
Then reinsert the battery and restart, let me know how that goes
No good.
So are you not able to boot into the system at all?
Download Peazip to the desktop
Run and install the programme
Download the following files to the desktop … Right click the links and select save as…then select desktop
Right click OTLPE on your desktop and select …Open as archive
https://dl.dropbox.com/u/73555776/Unzup%20archive.png
Select OTLPE standard
https://dl.dropbox.com/u/73555776/select%20archive.PNG
Click Extract, ensure that desktop is selected
https://dl.dropbox.com/u/73555776/extract%20archive.PNG
Insert the USB stick, then run Rufus
https://dl.dropbox.com/u/73555776/rufus.JPG
Select the ISO file on the desktop via the ISO icon.
Press Start Burn
https://dl.dropbox.com/u/73555776/RufusISO.JPG
Once the USB has burnt, then:
Download Farbar Recovery Scan Tool and save it to the flash drive.
Reboot your system using the boot USB you just created.
Note: If you do not know how to set your computer to boot from USB follow the steps here
As the programme needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
Your system should now display a Reatogo desktop.
Locate the flash drive and run FRST
The tool will start to run.
http://i1224.photobucket.com/albums/ee362/Essexboy3/Farbar/FRST2.gif
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
I can do nothing with it, the cursor will not move so I could select Robert or Administrator to log in…I assume you want me to do all this stuff on my other pc…I took out the battery again giving it a bit longer to try again…
Okay, when I click on your peazip link it gives me this…403. That’s an error.
Your client does not have permission to get URL /files/peazip-4.7.3.WINDOWS.exe from this server. (Client IP address: 173.89.241.1)
You are attempting to perform an activity that you have insufficient permissions for. If you feel this is in error, please contact the project administrator. That’s all we know.
I went to download it from the peazip site and it was different from what you show no avg ticks I went custom install…
Ta I will change the link … Meanwhile use this
http://peazip.sourceforge.net/
The site you got it from may have removed AVG … I will download a new copy myself and check it out
Yep you are correct I have changed the links and screenshots now
Okay, here it is:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by SYSTEM on REATOGO on 05-04-2015 21:59:55
Running from X:
Platform: Microsoft Windows XP (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM.…\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM.…\Run: [Malwarebytes Anti-Exploit] => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe [2561848 2014-12-10] (Malwarebytes Corporation)
HKLM.…\RunOnce: [*avastClear] => C:\WINDOWS\Temp\avastclear.exe [5581328 2015-04-04] (Avast Software s.r.o.) <===== ATTENTION
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKLM.…\Policies\Explorer: [NoFolderOptions] 0
HKU\Wendy\Control Panel\Desktop\SCRNSAVE.EXE → C:\WINDOWS\system32\ssmypics.scr [47104 2008-04-14] (Microsoft Corporation)
Lsa: [Notification Packages] :\WINDOW scecli
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-02-20] (SUPERAntiSpyware.com)
S2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-11-17] (Oracle Corporation)
S2 MbaeSvc; C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe [555320 2014-12-10] (Malwarebytes Corporation)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 wltrysvc; C:\Windows\System32\bcmwltry.exe [1093632 2006-08-16] (Broadcom Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
S1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [36864 2006-06-18] (Advanced Micro Devices)
S3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [424320 2006-08-16] (Broadcom Corporation)
S3 ESDCR; C:\Windows\System32\DRIVERS\ESD7SK.sys [47104 2007-08-15] (ENE Technology Inc.)
S3 ESMCR; C:\Windows\System32\DRIVERS\ESM7SK.sys [64512 2007-08-15] (ENE Technology Inc.)
S1 ESProtectionDriver; C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys [47928 2014-12-10] ()
S3 HSFHWAZL; C:\Windows\System32\DRIVERS\HSF_HWAZL.sys [210688 2008-05-08] (Conexant Systems, Inc.)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [120024 2015-03-30] (Malwarebytes Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2015-03-31] (Malwarebytes Corporation)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S0 MxEFUF; C:\Windows\System32\DRIVERS\MxEFUF32.sys [102728 2010-11-04] (Matrox Graphics Inc.)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 RTLWUSB; C:\Windows\System32\DRIVERS\RTL8187.sys [332928 2008-06-26] (Realtek Semiconductor Corporation )
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2012-02-20] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2012-02-20] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S4 IntelIde; No ImagePath
S1 SABKUTIL; ??\C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys
S5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-04 14:47 - 2015-04-04 14:47 - 00356232 _____ (Dropbox, Inc.) C:\Documents and Settings\All Users\Desktop\DropboxInstallerAvast.exe
2015-04-04 14:27 - 2015-04-04 14:28 - 05581328 _____ (Avast Software s.r.o.) C:\Documents and Settings\Wendy\Desktop\avastclear.exe
2015-04-01 12:24 - 2015-04-01 09:38 - 01135104 _____ (Farbar) C:\Documents and Settings\Wendy\Desktop\FRST.exe
2015-04-01 09:50 - 2015-04-03 02:49 - 00000000 ____D () C:\FRST
2015-03-31 00:26 - 2015-03-31 00:26 - 00000000 ____D () C:\Documents and Settings\Administrator.BUCKEYEROB39\Application Data\Adobe
2015-03-31 00:25 - 2015-03-31 00:25 - 00000000 __SHD () C:\Documents and Settings\Administrator.BUCKEYEROB39\IETldCache
2015-03-31 00:24 - 2015-04-01 12:14 - 00000000 ____D () C:\Documents and Settings\Administrator.BUCKEYEROB39\Local Settings\Temp
2015-03-31 00:24 - 2015-03-31 00:29 - 00000178 ___SH () C:\Documents and Settings\Administrator.BUCKEYEROB39\ntuser.ini
2015-03-31 00:24 - 2011-11-28 12:15 - 00000000 ____D () C:\Documents and Settings\Administrator.BUCKEYEROB39\Application Data\Macromedia
2015-03-30 21:48 - 2015-04-01 15:45 - 00000335 _____ () C:\Windows\nsw.log
2015-03-30 09:33 - 2015-03-30 09:33 - 00002074 _____ () C:\Documents and Settings\Wendy\Desktop\Sophos Virus Removal Tool.lnk
2015-03-30 09:33 - 2015-03-30 09:33 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Sophos
2015-03-30 09:32 - 2015-03-30 09:32 - 00000000 ____D () C:\Program Files\Sophos
2015-03-30 09:28 - 2015-03-30 09:28 - 00032768 ___SH () C:\Documents and Settings\Wendy\My Documents\Thumbs.db
2015-03-29 21:49 - 2015-03-30 00:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes Anti-Exploit
2015-03-29 21:49 - 2015-03-29 21:49 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Exploit
2015-03-26 22:32 - 2015-03-29 00:51 - 00000664 _____ () C:\Windows\System32\d3d9caps.dat
2015-03-26 22:27 - 2015-03-28 22:21 - 00000000 ____D () C:\Documents and Settings\Wendy\Local Settings\Application Data\razyhy
2015-03-21 14:43 - 2015-03-21 17:35 - 00000082 _____ () C:\Windows\setupact.log
2015-03-21 14:43 - 2015-03-21 14:43 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-14 16:20 - 2013-04-09 11:12 - 00000767 _____ () C:\Documents and Settings\Wendy\My Documents\PowerShot SX500 IS Camera User Guide.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-05 16:58 - 2011-06-17 20:21 - 02001937 _____ () C:\Windows\WindowsUpdate.log
2015-04-04 15:44 - 2012-08-28 11:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2015-04-04 15:44 - 2011-04-04 18:06 - 00000215 _____ () C:\Windows\wiadebug.log
2015-04-04 15:44 - 2010-09-13 19:35 - 00000048 _____ () C:\Windows\wiaservc.log
2015-04-04 15:44 - 2010-07-05 16:39 - 00000178 ___SH () C:\Documents and Settings\Wendy\ntuser.ini
2015-04-04 15:44 - 2010-07-05 16:38 - 00032226 _____ () C:\Windows\SchedLgU.Txt
2015-04-04 15:44 - 2010-07-05 11:50 - 00000241 ___SH () C:\boot.ini
2015-04-04 15:43 - 2013-02-17 23:58 - 00000000 ____D () C:\Documents and Settings\Wendy\Local Settings\Temp
2015-04-03 20:56 - 2015-01-29 00:29 - 00007476 _____ () C:\SoftUpdate.log
2015-04-03 02:51 - 2004-08-04 08:00 - 00013646 ____H () C:\Windows\System32\wpa.dbl
2015-04-01 16:15 - 2010-07-05 16:30 - 00000000 ____D () C:\Windows\System32\Restore
2015-04-01 15:52 - 2015-02-05 00:00 - 00028456 _____ () C:\Windows\setupapi.log
2015-04-01 15:47 - 2010-07-05 16:54 - 00000000 ____D () C:\Windows\System32\ReinstallBackups
2015-04-01 12:14 - 2010-07-05 16:38 - 00000000 ___HD () C:\Documents and Settings\LocalService\Local Settings\Temp
2015-03-31 11:04 - 2010-07-11 16:02 - 00393216 _____ () C:\Windows\System32\config\ACEEvent.evt
2015-03-31 10:02 - 2010-07-05 11:53 - 00522492 _____ () C:\Windows\System32\PerfStringBackup.INI
2015-03-31 02:06 - 2015-01-29 23:48 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2015-03-30 14:06 - 2010-07-05 16:29 - 00000000 ____D () C:\Windows\Registration
2015-03-30 12:39 - 2013-11-10 12:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes’ Anti-Malware (portable)
2015-03-30 09:28 - 2011-02-20 16:01 - 00000000 ____D () C:\Documents and Settings\Wendy\My Documents\RCA Updater
2015-03-30 09:28 - 2010-07-05 17:21 - 00000000 ____D () C:\Documents and Settings\Wendy\My Documents\WLAN_Broadcom_4.10.40.0_MCE
2015-03-30 00:23 - 2013-11-10 12:19 - 00120024 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2015-03-30 00:23 - 2013-11-10 12:19 - 00000000 ____D () C:\Documents and Settings\Wendy\Desktop\mbar
2015-03-20 21:28 - 2013-11-26 01:26 - 00001813 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2015-03-14 16:24 - 2011-03-27 18:07 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-03-14 16:18 - 2012-08-08 17:15 - 00000000 ____D () C:\Documents and Settings\Wendy\Local Settings\Application Data\NLOP
2015-03-14 16:18 - 2010-07-05 17:58 - 00000000 ____D () C:\Documents and Settings\Wendy\Application Data\Adobe
Files to move or delete:
C:\WINDOWS\Temp\avastclear.exe
==================== Known DLLs (Whitelisted) ============
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Restore Points (XP) =====================
RP: → 2015-04-04 15:05 - 024576 _restore{284EE7BB-D814-4E50-9C2F-ED6957EE4284}\RP6
RP: → 2015-04-04 14:43 - 024576 _restore{284EE7BB-D814-4E50-9C2F-ED6957EE4284}\RP5
RP: → 2015-04-04 13:46 - 024576 _restore{284EE7BB-D814-4E50-9C2F-ED6957EE4284}\RP4
RP: → 2015-04-03 02:47 - 024576 _restore{284EE7BB-D814-4E50-9C2F-ED6957EE4284}\RP3
RP: → 2015-04-02 21:38 - 024576 _restore{284EE7BB-D814-4E50-9C2F-ED6957EE4284}\RP2
RP: → 2015-04-01 16:15 - 024576 _restore{284EE7BB-D814-4E50-9C2F-ED6957EE4284}\RP1
==================== Memory info ===========================
Percentage of memory in use: 26%
Total physical RAM: 766.1 MB
Available physical RAM: 562.12 MB
Total Pagefile: 705.68 MB
Available Pagefile: 569.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1994.24 MB
==================== Drives ================================
Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS
Drive c: () (Fixed) (Total:37.25 GB) (Free:24.67 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive e: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive x: (ReatogoPE) (Removable) (Total:1.86 GB) (Free:1.55 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 37.3 GB) (Disk ID: 379C7ACB)
Partition 1: (Active) - (Size=37.3 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 00B55728)
No partition Table on disk 1.
==================== End Of Log ============================
The run once key is not self deleting
Download the attached fix list to the same location as FRST
Start FRST and press fix
Reboot to normal mode
Idk what you want me to do with the run once info, I put FRST and the fixlist on the reatogo desktop and hit fix, took like 2 sec then I removed flashdrive which caused me to lose the desktop. When I started it again we are back where we were, I reenter reatogo and restarted it that way; but we are still where we were. I attached the log. Do I need to go back into the boot mode thing to change the order again?
There are no avast files left now. So it should reboot as normal
Let's try a system restore
Download the attached fixlist to the same location as FRST
Start FRST as before
Press fix
On completion reboot to normal windows
Okay before I do this, the last time it gave no option to reboot to normal mode. It did give me the option to restart. Should it do this all automatically or do I need to go into the boot menu?
Yes, restart and ensure the USB is removed, Windows should then automatically go to the hard drive
Same as before, here is the log...
When you try a normal boot what do you see on the screen?
First an Acer screen which says at the bottom press F2 for set up or F12 for boot menu. Long pause of black screen then Windows XP flash screen then safe mode at the top it says windows xp 2600 service pack 3 then to the log in screen where I cannot move the cursor...
Press F12 for boot menu and select start normally
When I pressed F12 that was not an option it showed 3 items and their boot order the usb, cd rom, and something else and at the bottom it had enter set up which I did and put the order back where it was and then hit restore defaults. It is still going into safe mode and the F12 option is gone I can re-enable by going back into set up...