Hello again
well lets do this manually then
Run hijack this put a check next to these close all browsers and hit fix
Make sure not to miss one
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\System32\SearchBar.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page= http://red.clientapps.yahoo.com/cus....//my.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =http://red.clientapps.yahoo.com/cus...ttp://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {0B90AA1B-F649-44C3-9FD3-736C332CBBCF} - (no file)
O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\Program Files\SEP\sep.dll
O2 - BHO: (no name) - {D848A3CA-0BFB-4DE0-BA9E-A57F0CCA1C13} - (no file)
O3 - Toolbar: Band Class - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\Program Files\SEP\sep.dll
O4 - HKLM\..\Run: [4ZfwzcjCr] C:\documents and settings\administrator\local settings\temp\4ZfwzcjCr.exe
O4 - HKLM\..\Run: [Dsi] C:\WINDOWS\System32\dp-him.exe
O4 - HKLM\..\Run: [3FGQ96S2383XEZ] C:\WINDOWS\System32\Fmr0i.exe
O4 - HKLM\..\Run: [drltako] C:\WINDOWS\System32\atcoxd.exe
O4 - HKLM\..\Run: [AutoLoader70rb1NdeadPP] "C:\WINDOWS\System32\gdiapi32.exe"
O4 - HKLM\..\Run: [778R33g] gdiapi32.exe
O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\sysupd.exe
O4 - HKCU\..\Run: [msmc] C:\WINDOWS\System32\msgked.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
http://ak.imgfarm.com/images/nocach...ralInitialSetup
1.0.0.8.cab
-----------------------------------------------------------------------------------------------------------------------------------
To enable the viewing of Hidden files follow these steps:
How to see Hidden files and Folders
reboot into safe mode
How to boot into safe mode
delete
this file
C:\WINDOWS\System32\msgked.exe
C:\WINDOWS\System32\gdiapi32.exe
C:\WINDOWS\System32\atcoxd.exe
C:\WINDOWS\System32\Fmr0i.exe
C:\WINDOWS\System32\SearchBar.htm
C:\WINDOWS\sysupd.exe
this folder
C:\Program Files\SEP
----------------------------------------------------------------------------------------------------
then go to C:\Documents and Settings\USER NAME\Local Settings\Temp and select everything in that folder and delete it
as XP will not let you delete files less than 24 hours old as it thinks it might need them please also do this
while in the temp folder, select view and select details.
then right click a blank part and select arrange icons by, and select show in groups and modified, that will give a list of all files in date order with today at the top of the page.
select all the files/folders except the today ones and delete them all.
1) Open Control Panel
2) Click on Internet Options
3) On the General Tab, in the middle of the screen, click on Delete Files
4) You may also want to check the box "Delete all offline content"
5) Click on OK and wait for the hourglass icon to stop after it deletes the temporary internet files
6) You can now click on Delete Cookies and click OK to delete cookies that websites have placed on your hard drive
empty your recyle bin
reboot to normal
come back and post a fresh log and tell me how you computers running
Lobos