Puter Being Violently Assaulted by Spyware

Please do follow the guide below closely as the steps are specific and any missed will only require you to re-do some of them and take that bit longer to resolve your malware issues,

The HJT log was run from safe mode whereas the steps state run from Normal mode, HJT was installed in the exact place in the guide we specify not to C:\Documents and Settings\Me\Desktop\HijackThis.exe and running was a browser window in IE.

You also seem to have two Antivirus applications AVG and Norton? you must uninstall one as they will conflict.


- Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

Make sure you check version numbers and get all updates.

After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:

Downloading, Installing, and Running HijackThis


When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)

• Bitdefender
• Panda Scan
• HijackThis

.

 

The only issues you have are the below which are all due to using Kazaa! If you have Kazaa installed, stop using it and uninstall it.

Delete the below:
C:\Program Files\Kazaa <--- the whole folder
C:\Program Files\MediaLoads <--- the whole folder
C:\GatorPatch.log


If you are having problems, you need to be more specific in describing them.

 

Just delete the below! Probably also came from Kazaa.


C:\WINDOWS\NDNuninstall4_80.exe
C:\WINDOWS\NDNuninstall5_48.exe
C:\WINDOWS\NDNuninstall5_64.exe
C:\WINDOWS\NDNuninstall6_10.exe
C:\WINDOWS\NDNuninstall6_22.exe

This is not malware. You don't really have that much running. Uninstall anything that you don't need or use. None of the below are necessary items to run at startup (they are not malware). You can just have HJT fix these lines if desired:

O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe