1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: Hard drive runs continually. Computer is very slow.

Discussion in 'Windows XP' started by lharper21, Sep 9, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. lharper21

    lharper21 Thread Starter

    Joined:
    Sep 9, 2011
    Messages:
    31
    Hello,

    I'm trying to set up this computer for my dad to connect to his TV and stream media.

    Here are the computer specs:
    Tech Support Guy System Info Utility version 1.0.0.1
    OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
    Processor: Intel(R) Celeron(R) M processor 1.50GHz, x86 Family 6 Model 13 Stepping 8
    Processor Count: 1
    RAM: 190 Mb
    Graphics Card: ATI RADEON XPRESS 200M Series, 64 Mb
    Hard Drives: C: Total - 38146 MB, Free - 20464 MB;
    Motherboard: TOSHIBA, Satellite L25 , Not Applicable , 1234567890
    Antivirus: Microsoft Security Essentials, Updated: Yes, On-Demand Scanner: Disabled




    Based on instructions given to another user with the same problem I wenth ahead and ran HijackThis.

    The scan log file is:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:41:12 AM, on 9/8/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.17099)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Micro Innovations\Wireless Optical Travel Mouse\cm20.exe
    C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Apple Computer\[email protected]\DVDAccess.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.peoplepc.com/search
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.peoplepc.com/websearch
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: (no name) - {B47766F1-F625-40B0-AC96-47FD068AE06F} - C:\WINDOWS\system32\sstqp.dll (file missing)
    O2 - BHO: (no name) - {CE22ABA3-B540-4D26-9BE2-425AF0F411E8} - C:\WINDOWS\system32\jkkkijg.dll (file missing)
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: (no name) - {E1BACF55-35E1-4E47-9247-2D48660E5545} - (no file)
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [Start RF Wireless Mouse] "C:\Program Files\Micro Innovations\Wireless Optical Travel Mouse\cm20.exe"
    O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "c:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang en
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [bm] "C:\Program Files\Common Files\WinSecureAv\bm.exe" dm=http://winsecureav.com ad=http://winsecureav.com sd=http://ykeeper.winsecureav.com
    O4 - HKLM\..\Run: [ptask] C:\Program Files\WinSecureAv\ptask.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SeekmoOE] C:\Program Files\Seekmo\bin\10.0.427.0\OEAddOn.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
    O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
    O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: [email protected] = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com.../en/x86/MuCatalogWebControl.cab?1204858055578
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B0025F4C-5137-49BB-AC24-D6E2ED72ED07}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O20 - Winlogon Notify: jkkkijg - jkkkijg.dll (file missing)
    O22 - SharedTaskScheduler: {874443fe-aa33-4ebf-a6ac-73208787e62d} - bestreak - (no file)
    O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe

    --
    End of file - 7581 bytes


    The uninstall list is:

    7-Zip 4.42
    Adobe Flash Player 10 Plugin
    Adobe Reader 7.1.0
    America Online (Choose which version to remove)
    Atheros Client Utility
    Atheros Driver Installation Program
    ATI - Software Uninstall Utility
    ATI Display Driver
    Belarc Advisor 7.0
    CCleaner (remove only)
    CD/DVD Drive Acoustic Silencer
    Conexant AC-Link Audio
    Critical Update for Windows Media Player 11 (KB959772)
    [email protected] 2.0.3
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Format SDK (KB902344)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    InterVideo WinDVD for TOSHIBA
    IrfanView (remove only)
    K-Lite Codec Pack 3.3.0 Basic
    Macromedia Flash Player 8
    Macromedia Shockwave Player
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 3.5 SP1
    Microsoft Antimalware
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Standard Edition 2003
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Works
    Mozilla Firefox 6.0.2 (x86 en-US)
    MSN Music Assistant
    MSXML 4.0 SP2 (KB925672)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Notebook Maximizer
    PrintServer Utilities
    Public Messenger ver 2.03
    Pure Networks Port Magic
    QuickTime
    RealPlayer
    REALTEK Gigabit and Fast Ethernet NIC Driver
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Windows Internet Explorer 7 (KB2544521)
    Security Update for Windows Internet Explorer 7 (KB2559049)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2510581)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371-v2)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982665)
    Sonic DLA
    TOSHIBA Assist
    TOSHIBA ConfigFree
    TOSHIBA PC Diagnostic Tool
    Toshiba Q4 Retail Demo ScreenSaver
    Toshiba Registration
    TOSHIBA Software Upgrades
    TOSHIBA Speech System Applications
    TOSHIBA Speech System SR Engine(U.S.) Version1.0
    TOSHIBA Speech System TTS Engine(U.S.) Version1.0
    Toshiba Tbiosdrv Driver
    Toshiba Touchpad Utility
    Toshiba Utility
    TOSHIBA Zooming Utility
    Touch and Launch
    Tweak UI
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Windows Genuine Advantage v1.3.0254.0
    Windows Media Connect
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player 11
    Windows PowerShell(TM) 1.0
    Windows XP Service Pack 3
    Wireless Optical Travel Mouse



    Any help on what to delete/uninstall would be greatly appreciated.

    Thanks, Lizzie
     
  2. pip22

    pip22

    Joined:
    Nov 21, 2004
    Messages:
    2,536
    Help is certainly available with analysing HJT logs, but you posted on the wrong forum my friend.
    HJT logs must be posted here: http://forums.techguy.org/54-virus-other-malware-removal/

    We are strictly forbidden to help with HJT logs or any malware-related issues on other forums.
    That's to prevent any "know-it-all" amateurs giving you bad advice and making your situation worse.
     
  3. lharper21

    lharper21 Thread Starter

    Joined:
    Sep 9, 2011
    Messages:
    31
    pip22,

    Thanks so much for the link. I will post the question there.

    Regards.
     
  4. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,657
    First Name:
    Frank
    Ignore post #2 about starting a new thread in the malware forum.

    We can deal with that computer here - which has a LOT of issues to resolve.

    Thanks for submitting a HiJackThis scan log and HiJackThis uninstall_list.txt log because that'll save a lot of time in helping you.

    It's going to take me several minutes to examine both logs and get back to you, so be patient.

    -----------------------------------------------------
     
  5. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,657
    First Name:
    Frank
    That Toshiba Satellite L25-S1215 laptop has an Intel Celeron 1.50 GHz processor and only 192 MB of RAM, so that in itself is going to make it run like a turtle.

    You need to increase the amount of RAM to at least 512 MB, and preferably to 1024 MB.

    From what I can determine, it supports up to 2048 MB of RAM.

    Adding more RAM is the most cost-effective speed and performance boost that you can give to a computer.

    http://www.memoryx.net/tosal2me43.html

    http://www.crucial.com/store/listparts.aspx?model=Satellite L25 Series&Cat=RAM

    http://www.memorystock.com/ToshibaSatelliteL25Series.html

    Note: Even if you increase the amount of RAM and tweak it for maximum performance, I doubt if the hardware in it will be sufficient for connecting to a TV and streaming media.

    ----------------------------------------------------

    I just noticed that you're using a very old version(2.0.2) of HiJackThis, so you need to uninstall it, then go here and download version 2.0.4, then install it in its default location(C:\Program Files), then restart the computer, then submit new scan and uninstall_list.txt logs.

    ----------------------------------------------------
     
  6. lharper21

    lharper21 Thread Starter

    Joined:
    Sep 9, 2011
    Messages:
    31
    Thanks for your reply. :)

    I installed the newer version of HiJackThis. Here's the scan data:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 8:05:34 PM, on 9/8/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.17099)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\toshiba\ivp\ism\pinger.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
    C:\Program Files\Mozilla Firefox\firefox.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.peoplepc.com/search
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.peoplepc.com/websearch
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {B47766F1-F625-40B0-AC96-47FD068AE06F} - C:\WINDOWS\system32\sstqp.dll (file missing)
    O2 - BHO: (no name) - {CE22ABA3-B540-4D26-9BE2-425AF0F411E8} - C:\WINDOWS\system32\jkkkijg.dll (file missing)
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: (no name) - {E1BACF55-35E1-4E47-9247-2D48660E5545} - (no file)
    O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "c:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang en
    O4 - HKLM\..\Run: [bm] "C:\Program Files\Common Files\WinSecureAv\bm.exe" dm=http://winsecureav.com ad=http://winsecureav.com sd=http://ykeeper.winsecureav.com
    O4 - HKLM\..\Run: [ptask] C:\Program Files\WinSecureAv\ptask.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SeekmoOE] C:\Program Files\Seekmo\bin\10.0.427.0\OEAddOn.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
    O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
    O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com.../en/x86/MuCatalogWebControl.cab?1204858055578
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B0025F4C-5137-49BB-AC24-D6E2ED72ED07}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O20 - Winlogon Notify: jkkkijg - jkkkijg.dll (file missing)
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: {874443fe-aa33-4ebf-a6ac-73208787e62d} - bestreak - (no file)
    O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe

    --
    End of file - 7289 bytes


    ---------------------------------------------------

    Here's the uninstall list:

    7-Zip 4.42
    Adobe Flash Player 10 Plugin
    Adobe Reader 7.1.0
    America Online (Choose which version to remove)
    Atheros Client Utility
    Atheros Driver Installation Program
    ATI - Software Uninstall Utility
    ATI Display Driver
    CD/DVD Drive Acoustic Silencer
    Conexant AC-Link Audio
    Critical Update for Windows Media Player 11 (KB959772)
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Format SDK (KB902344)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    InterVideo WinDVD for TOSHIBA
    IrfanView (remove only)
    Macromedia Flash Player 8
    Macromedia Shockwave Player
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 3.5 SP1
    Microsoft Antimalware
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Standard Edition 2003
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Works
    Mozilla Firefox 6.0.2 (x86 en-US)
    MSN Music Assistant
    MSXML 4.0 SP2 (KB925672)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Notebook Maximizer
    PrintServer Utilities
    Public Messenger ver 2.03
    Pure Networks Port Magic
    RealPlayer
    REALTEK Gigabit and Fast Ethernet NIC Driver
    Revo Uninstaller Pro 2.5.3
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Windows Internet Explorer 7 (KB2544521)
    Security Update for Windows Internet Explorer 7 (KB2559049)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2510581)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371-v2)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982665)
    TOSHIBA Assist
    TOSHIBA ConfigFree
    TOSHIBA PC Diagnostic Tool
    Toshiba Q4 Retail Demo ScreenSaver
    Toshiba Registration
    TOSHIBA Software Upgrades
    TOSHIBA Speech System Applications
    TOSHIBA Speech System SR Engine(U.S.) Version1.0
    TOSHIBA Speech System TTS Engine(U.S.) Version1.0
    Toshiba Tbiosdrv Driver
    Toshiba Touchpad Utility
    Toshiba Utility
    TOSHIBA Zooming Utility
    Touch and Launch
    Tweak UI
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Windows Genuine Advantage v1.3.0254.0
    Windows Media Connect
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player 11
    Windows PowerShell(TM) 1.0
    Windows XP Service Pack 3
     
  7. razorwing

    razorwing Banned

    Joined:
    Jul 5, 2011
    Messages:
    450
  8. razorwing

    razorwing Banned

    Joined:
    Jul 5, 2011
    Messages:
    450
    You have three antivirus applications running on your machine two real and one rogue
     
  9. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,657
    First Name:
    Frank
    Do the following in the order that they're listed.

    It's going to take you awhile, so take your time and don't get in a hurry.

    ----------------------------------------------------

    Click Start - Run, then type in

    %temp%

    and then click OK.

    Click Start - Run, then type in

    c:\windows\temp

    and then click OK.

    Once those 2 temp folders appear and you can view their contents, select and delete EVERYTHING that's inside them.

    It's all junk and is a good place for "nasties" to hide.

    If a few files resist being deleted, that's normal behavior. Leave them alone and delete EVERYTHING else.

    After you're done, empty the Recycle Bin and then restart the computer.

    ----------------------------------------------------

    Start HiJackThis, then click "Do a system scan only".

    When the scan is finished in 30 seconds or less, put a checkmark in these log entries:

    O2 - BHO: (no name) - {B47766F1-F625-40B0-AC96-47FD068AE06F} - C:\WINDOWS\system32\sstqp.dll (file missing)

    O2 - BHO: (no name) - {CE22ABA3-B540-4D26-9BE2-425AF0F411E8} - C:\WINDOWS\system32\jkkkijg.dll (file missing)

    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)

    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)

    O3 - Toolbar: (no name) - {E1BACF55-35E1-4E47-9247-2D48660E5545} - (no file)

    O4 - HKLM\..\Run: [bm] "C:\Program Files\Common Files\WinSecureAv\bm.exe" dm=http://winsecureav.com ad=http://winsecureav.com sd=http://ykeeper.winsecureav.com

    O4 - HKLM\..\Run: [ptask] C:\Program Files\WinSecureAv\ptask.exe

    O4 - HKLM\..\Run: [SeekmoOE] C:\Program Files\Seekmo\bin\10.0.427.0\OEAddOn.exe

    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O20 - Winlogon Notify: jkkkijg - jkkkijg.dll (file missing)


    After you confirm that you selected the correct log entries, click "Fix Checked - Yes".

    Close HiJackThis, then restart the computer.

    ----------------------------------------------------

    Download and save the free version of these programs:

    Malwarebytes Anti-Malware 1.51.1.1800

    SUPERAntiSpyware 5.0.0.1118

    After they've been downloaded and saved, close all open windows first, then install them.

    After they've both been installed, restart the computer.

    ----------------------------------------------------

    Start Malwarebytes Anti-Malware.

    Click "Updates(tab) - Check for Updates".

    When the definition files have updated, click "OK".

    Click "Scanner(tab) - Perform quick scan - Scan".

    If infections or problems are found during the scan, the number of them will be highlighted in red.

    When the scan is finished, click "Show Results".

    Make sure that EVERYTHING is selected, then click "Remove Selected".

    If you're prompted to restart to finish the removal process, click "Yes".

    Start Malwarebytes Anti-Malware again.

    Click "Logs"(tab).

    Highlight the scan log entry, then click "Open".

    When the scan log appears in Notepad, copy-and-paste it here.

    ----------------------------------------------------

    Start SUPERAntiSpyware.

    Click "Check for Updates".

    When the definition files have updated, click "Close".

    Select the "Quick Scan" option, then click "Scan your Computer".

    If infections or problems are found during the scan, a list will appear and the number of them will be highlighted in red.

    When the scan is finished and the scan summary window appears, click "Continue".

    Make sure that EVERYTHING in the list is selected, then click "Remove Threats".

    Click "OK - Finish".

    If you're prompted to restart to finish the removal process, do so.

    Start SUPERAntiSpyware again.

    Click "View Scan Logs".

    Highlight the scan log entry, then click "View Selected Log".

    When the scan log appears in Notepad, copy-and-paste it here.

    -----------------------------------------------------
     
  10. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,657
    First Name:
    Frank
    Do NOT install and use CCleaner.

    Let me know when you've completed my previous instructions.

    -------------------------------------------------------
     
  11. lharper21

    lharper21 Thread Starter

    Joined:
    Sep 9, 2011
    Messages:
    31
    Hi,

    Finally got it done!

    The Malwarebytes log is:

    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org

    Database version: 7690

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 7.0.5730.11

    9/9/2011 1:12:54 PM
    mbam-log-2011-09-09 (13-12-54).txt

    Scan type: Quick scan
    Objects scanned: 190814
    Time elapsed: 16 minute(s), 5 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 44
    Registry Values Infected: 5
    Registry Data Items Infected: 1
    Folders Infected: 40
    Files Infected: 162

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CLASSES_ROOT\AppID\{4A40E8FC-C7E4-4F57-9FA4-85DD77402897} (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\{EA7522F6-87CF-411e-8A55-19EE4344B676} (Rogue.Multiple) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{EA7522F6-87CF-411e-8A55-19EE4344B676} (Rogue.Multiple) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{8971CB48-9FCA-445A-BE77-E8E8A4CC9DF7} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{08755390-F46D-4D09-968C-3430166B3189} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{34E29700-0D13-46AA-B9A5-ACE68E21A091} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\HostOL.MailAnim.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\HostOL.MailAnim (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{914A8F99-38E4-47ec-B875-2B0653516030} (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{995E885E-3FF5-4f66-A107-8BFB3A0F8F12} (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{BD5258AF-20AE-4BD3-B748-B2851ACA7335} (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Seekmo.DesktopFlash.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Seekmo.DesktopFlash (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{B88E4484-3FF6-4EA9-815B-A54FE20D4387} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\HostOL.WebmailSend.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\HostOL.WebmailSend (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{D761645B-6B20-4698-AEE8-729981152A82} (Rogue.Multiple) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C3F6257-3E00-45C2-88D5-CB0F3A17BF0E} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F87F145-DC2D-4766-AF03-3A3B96FFAD98} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6FD31ED6-7C94-4BBC-8E95-F927F4D3A949} (Adware.180Solutions) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CE22ABA3-B540-4D26-9BE2-425AF0F411E8} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E596DF5F-4239-4D40-8367-EBADF0165917} (Rogue.Installer) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F31A5D11-BF0B-4A4E-90AF-274F2090AAA6} (Adware.180Solutions) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\InstIE.HbInstObj (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\InstIE.HbInstObj.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\SeekmoSA_df.exe (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\SeekmoTB.DLL (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\WinSecureAv (Rogue.WinSecureAv) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\HostOL.MailAnim (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\HostOL.MailAnim (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\dhlp (Rogue.Multiple) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{CE22ABA3-B540-4D26-9BE2-425AF0F411E8} (Trojan.Vundo) -> Value: {CE22ABA3-B540-4D26-9BE2-425AF0F411E8} -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Value: {07AA283A-43D7-4CBE-A064-32A21112D94D} -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Value: {07AA283A-43D7-4CBE-A064-32A21112D94D} -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{CE22ABA3-B540-4D26-9BE2-425AF0F411E8} (Trojan.Vundo) -> Value: {CE22ABA3-B540-4D26-9BE2-425AF0F411E8} -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\Zango 10.1.181.0 (Adware.Zango) -> Value: Zango 10.1.181.0 -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Folders Infected:
    c:\documents and settings\Alicia\application data\registrysmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\registrysmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\Lizzi\application data\registrysmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\Lizzi\application data\registrysmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\Lizzi\application data\registrysmart\registry backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\nildo j. harper\application data\registrysmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\nildo j. harper\application data\registrysmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\application data\SalesMon (Rogue.Multiple) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\application data\SalesMon\Data (Rogue.Multiple) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\IESkins (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0 (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\HostOI (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\HostOI\dynamic (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\HostOI\static (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\HostOL (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\HostOL\dynamic (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\HostOL\static (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\dynamic (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1 (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2 (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\shoppingreport (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\shoppingreport\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\shoppingreport\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\shoppingreport\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\shoppingreport\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\shoppingreport\cs\res1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\weatherdpa (Adware.Hotbar) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\winsecureav (Rogue.WinSecureAv) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\winsecureav\Logs (Rogue.WinSecureAv) -> Quarantined and deleted successfully.
    c:\documents and settings\nildo j. harper\application data\winsecureav (Rogue.WinSecureAv) -> Quarantined and deleted successfully.
    c:\documents and settings\nildo j. harper\application data\winsecureav\Logs (Rogue.WinSecureAv) -> Quarantined and deleted successfully.
    c:\program files\common files\winsecureav (Rogue.WinSecureAv) -> Quarantined and deleted successfully.
    c:\program files\registrysmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\program files\winspykiller (Rogue.WinSpyKiller) -> Quarantined and deleted successfully.
    c:\winsecureav (Rogue.WinSecureAv) -> Quarantined and deleted successfully.
    c:\winsecureav\AVQuar (Rogue.WinSecureAv) -> Quarantined and deleted successfully.

    Files Infected:
    c:\RECYCLER\s-1-5-21-2691872993-1231172647-1964786175-1008\Dc2.exe (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\WINDOWS\Tasks\registrysmart scheduled scan.job (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\registrysmart\Log\2008 mar 16 - 08_59_52 am_906.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\registrysmart\Log\2008 mar 16 - 09_06_06 am_203.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\registrysmart\Log\2008 mar 16 - 11_31_43 am_421.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\registrysmart\Log\2008 mar 16 - 11_32_43 am_906.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\registrysmart\Log\2008 mar 16 - 11_51_23 am_906.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\Lizzi\application data\registrysmart\Log\2008 mar 06 - 10_01_43 pm_578.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\Lizzi\application data\registrysmart\Log\2008 mar 06 - 10_01_52 pm_468.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\Lizzi\application data\registrysmart\registry backups\2008-03-06_22-14-31.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\nildo j. harper\application data\registrysmart\Log\2008 apr 28 - 11_33_43 am_375.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\nildo j. harper\application data\registrysmart\Log\2008 apr 28 - 11_34_15 am_609.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\nildo j. harper\application data\registrysmart\Log\2008 apr 28 - 11_44_24 am_578.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\nildo j. harper\application data\registrysmart\Log\2008 apr 28 - 11_46_53 am_984.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_explorer-people.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\email-def-511724-548964.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\btntrans.idx (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\btntrans1.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\buttondir.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\components.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\cursors.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_511745-514279.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_categorize.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_comparison.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_explorer-mails.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_favorites.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_games.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_hide.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_hotbarcom.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_hotmail.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_hsskin.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_mails.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_new.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_premium.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_searchfor.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_searchgo.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_weather.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\default_yellowpages.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_1000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_2000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_3000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_bar.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_bbar1.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_logos.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_other.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_weather.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\email-def-511724-9595.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\email-t1-bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\icons2.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\ie_games_icon.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\ie_video.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\keywords.idx (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\keywords1.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\layout.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\linkpathlegal.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\progress.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\sales_buttons.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\seekmo.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\seekmo_ie_menu.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\s_icons_buttons.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\t2_bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\theweb.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\top7.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\top7_theweb.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\1\tsd_bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_explorer-people.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\email-def-511724-548964.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\btntrans.idx (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\btntrans1.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\buttondir.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\components.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\cursors.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_511745-514279.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_categorize.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_comparison.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_explorer-mails.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_favorites.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_games.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_hide.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_hotbarcom.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_hotmail.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_hsskin.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_mails.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_new.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_premium.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_searchfor.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_searchgo.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_weather.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\default_yellowpages.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_1000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_2000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_3000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_bar.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_bbar1.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_logos.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_other.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\d_icons_weather.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\email-def-511724-9595.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\email-t1-bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\icons2.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\ie_games_icon.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\ie_video.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\keywords.idx (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\keywords1.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\layout.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\linkpathlegal.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\progress.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\sales_buttons.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\seekmo.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\seekmo_ie_menu.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\s_icons_buttons.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\t2_bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\theweb.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\top7.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\top7_theweb.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\2\tsd_bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\email-t1-bg.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\buttondir.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\cursors.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\progress.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\sales_buttons.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\samplegroups2.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\samplegroups2.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\seekmo.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\seekmo_ie_menu.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\s_icons_buttons.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\t2_bg.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\top7.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\tsd_bg.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\BtnTrans.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\btntrans1.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_1000.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_2000.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_3000.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_bar.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_bbar1.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_logos.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_other.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\default.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_weather.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\icons2.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\ie_games_icon.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\ie_video.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\keywords.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\keywords1.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\layout.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\Seekmo\v3.0\Seekmo\static\DownLoad\linkpathlegal.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\shoppingreport\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\shoppingreport\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\shoppingreport\cs\db\Sites.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\shoppingreport\cs\dwld\whitelist.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\shoppingreport\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\shoppingreport\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\shoppingreport\cs\res1\whitelist.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\winsecureav\Logs\threats.log (Rogue.WinSecureAv) -> Quarantined and deleted successfully.
    c:\documents and settings\Alicia\application data\winsecureav\Logs\update.log (Rogue.WinSecureAv) -> Quarantined and deleted successfully.
    c:\documents and settings\nildo j. harper\application data\winsecureav\Logs\threats.log (Rogue.WinSecureAv) -> Quarantined and deleted successfully.
    c:\documents and settings\nildo j. harper\application data\winsecureav\Logs\update.log (Rogue.WinSecureAv) -> Quarantined and deleted successfully.
    c:\program files\winspykiller\winspykiller.lic (Rogue.WinSpyKiller) -> Quarantined and deleted successfully.

    -------------------------------------------------------------------

    The SuperAntiSpyware log is:

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 09/09/2011 at 01:53 PM

    Application Version : 5.0.1118

    Core Rules Database Version : 7673
    Trace Rules Database Version: 5485

    Scan type : Quick Scan
    Total Scan Time : 00:18:08

    Operating System Information
    Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
    Administrator

    Memory items scanned : 375
    Memory threats detected : 0
    Registry items scanned : 32437
    Registry threats detected : 33
    File items scanned : 7610
    File threats detected : 8

    Trojan.Media-Codec
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Public Messenger ver 2.03
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Public Messenger ver 2.03#DisplayName
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Public Messenger ver 2.03#UninstallString

    Adware.180solutions/Seekmo
    C:\Program Files\Seekmo Programs

    Adware.Zango Toolbar/Hb
    HKCR\Interface\{3661AF2D-C27B-499C-9BCF-66C8502A3806}
    HKCR\Interface\{3661AF2D-C27B-499C-9BCF-66C8502A3806}\ProxyStubClsid
    HKCR\Interface\{3661AF2D-C27B-499C-9BCF-66C8502A3806}\ProxyStubClsid32
    HKCR\Interface\{3661AF2D-C27B-499C-9BCF-66C8502A3806}\TypeLib
    HKCR\Interface\{3661AF2D-C27B-499C-9BCF-66C8502A3806}\TypeLib#Version
    HKCR\Interface\{99123AC9-7DDA-4C82-B252-44C2804BF392}
    HKCR\Interface\{99123AC9-7DDA-4C82-B252-44C2804BF392}\ProxyStubClsid
    HKCR\Interface\{99123AC9-7DDA-4C82-B252-44C2804BF392}\ProxyStubClsid32
    HKCR\Interface\{99123AC9-7DDA-4C82-B252-44C2804BF392}\TypeLib
    HKCR\Interface\{99123AC9-7DDA-4C82-B252-44C2804BF392}\TypeLib#Version

    Trojan.DNSChanger-Codec
    HKCR\CLSID\E404.e404mgr
    HKCR\CLSID\E404.e404mgr#UserId

    Adware.Zango/ShoppingReport
    HKCR\Interface\{99CCFB8C-6380-4A14-8FDD-EF3E7E95335D}
    HKCR\Interface\{99CCFB8C-6380-4A14-8FDD-EF3E7E95335D}\ProxyStubClsid
    HKCR\Interface\{99CCFB8C-6380-4A14-8FDD-EF3E7E95335D}\ProxyStubClsid32
    HKCR\Interface\{99CCFB8C-6380-4A14-8FDD-EF3E7E95335D}\TypeLib
    HKCR\Interface\{99CCFB8C-6380-4A14-8FDD-EF3E7E95335D}\TypeLib#Version

    Rogue.TrustedAntiVirus
    HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DHLP
    HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DHLP#NextInstance
    HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DHLP\0000
    HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DHLP\0000#Service
    HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DHLP\0000#Legacy
    HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DHLP\0000#ConfigFlags
    HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DHLP\0000#Class
    HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DHLP\0000#ClassGUID
    HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DHLP\0000#DeviceDesc

    Trojan.Media-Codec/V5
    C:\Program Files\NetProject

    Adware.Tracking Cookie
    C:\Documents and Settings\Nildo J. Harper\Cookies\TLJCEBXY.txt
    C:\Documents and Settings\Nildo J. Harper\Cookies\GIHYRU61.txt
    C:\Documents and Settings\Nildo J. Harper\Cookies\KKLCXN6U.txt
    C:\Documents and Settings\Nildo J. Harper\Cookies\8QE7K666.txt

    Unclassified.Unknown Origin
    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1DA7DBE8-C51B-4AE4-BC6E-21863349B0B4}
    HKU\S-1-5-21-2691872993-1231172647-1964786175-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1DA7DBE8-C51B-4AE4-BC6E-21863349B0B4}
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1DA7DBE8-C51B-4AE4-BC6E-21863349B0B4}

    Trojan.Agent/Gen
    HKU\S-1-5-21-2691872993-1231172647-1964786175-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C566C34-7D72-4DC1-9BBE-1121A76698F8}

    Adware.Vundo Variant/Rel
    C:\WINDOWS\SYSTEM32\PQTSS.INI
    C:\WINDOWS\SYSTEM32\PQTSS.INI2

    --------------------------------------------------------

    I did not run CCleaner.
     
  12. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,657
    First Name:
    Frank
    Did you have any trouble with accessing the 2 temp folders and deleting their contents?
    Did one or both of them contain a lot of "debris"?

    Did you have any trouble with selecting and fixing the HiJackThis log entries?

    Did you select and remove EVERYTHING that the SUPERAntiSpyware scan found?
    I need to ask because its scan log doesn't show what action you took like the Malwarebytes Anti-Malware scan log does.

    -----------------------------------------------------------

    Close all open windows first, then start HiJackThis and click "Do a system scan and save a log file".
    Save the new log that appears, then submit it here.

    -----------------------------------------------------------
     
  13. lharper21

    lharper21 Thread Starter

    Joined:
    Sep 9, 2011
    Messages:
    31
    I didn't have any trouble with the temp folders, and yes, they had lots of "debris."

    No problems either with the deletions in HiJackThis .

    I ran Malwarebytes Anti-Malware first and deleted everything it found, then ran SUPERAntiSpyware and deleted everything it found.

    I'm running HiJackThis now and will post it as soon as it's done.
     
  14. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,657
    First Name:
    Frank
    OK, good. (y)

    I'll be waiting to see the new HiJackThis log, then we'll go from there.

    --------------------------------------------------------
     
  15. lharper21

    lharper21 Thread Starter

    Joined:
    Sep 9, 2011
    Messages:
    31
    Here's the HiJackThis log:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 4:40:12 PM, on 9/9/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.17099)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
    C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.peoplepc.com/search
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.peoplepc.com/websearch
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "c:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang en
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
    O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com.../en/x86/MuCatalogWebControl.cab?1204858055578
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B0025F4C-5137-49BB-AC24-D6E2ED72ED07}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: {874443fe-aa33-4ebf-a6ac-73208787e62d} - bestreak - (no file)
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: McAfee Log Manager (McLogManagerService) - Unknown owner - (no file)
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe

    --
    End of file - 6492 bytes
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Solved Hard drive
  1. ZawMyoLatt
    Replies:
    4
    Views:
    314
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1016767

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice