did read me first stuff - still need lots help

- Download HijackThis 1.99.1

- Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

- Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

- Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

- Run HijackThis and save your log file.

- Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).

 

Are you running msconfig to disable some things from loading:

O4 - HKLM\..\Run: [MSConfigReminder] C:\WINDOWS\SYSTEM\msconfig.exe /reminder

If so, run msconfig and select normal startup, then reboot an post a new HJT log. We do not need HJT logs from safe mode. They are typcically not that useful.

 

You will also need to disable Spybot S&D's TeaTimer. It could block us from fixing some items.

To disable TeaTimer, run Spybot and click Mode and select Advanced Mode. Then click Tools and select Resident. Now in the right window pane, uncheck TeaTimer.
Also while this is open, in the left column now select IE Tweaks and then in the right pane make sure all the Miscellaneous locks are unchecked.
Now quit Spybot!

 

After doing the previous steps do the following:

If you are using WinXP or WinMe, make sure you have system restore disabled (per the tutorial).
For all OS types, make sure viewing of hidden files is enabled (per the tutorial).

Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
O2 - BHO: ActiveX Control - {91287A97-0024-4FD4-BABE-01F77E614862} - C:\WINDOWS\SYSTEM\MSXBQ.DLL
O2 - BHO: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\SYSTEM\IE2CLTR.DLL
O2 - BHO: IE SP2 AddOn - {69E8A624-9C57-47D7-A2F1-5F0B6782A57B} - C:\WINDOWS\SYSTEM\SPAKX.DLL
O3 - Toolbar: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\SYSTEM\IE2CLTR.DLL

After clicking Fix, exit HJT.
Boot into safe mode and use Windows Explorer to delete:
C:\WINDOWS\SYSTEM\MSXBQ.DLL
C:\WINDOWS\SYSTEM\IE2CLTR.DLL
C:\WINDOWS\SYSTEM\SPAKX.DLL

If you get an error when deleting a file. Right click on the file and check to see if the read only attribute is checked. If it is, uncheck it and try again. Other wise open Task Manager and kill the process if running then delete the file.

Now run Ccleaner (installed while running the READ ME FIRST).

Now reboot in normal mode and post a new HJT log. And tell us how things are working.

 

Tell me which stuff you normally did not want to load. We can in most case have HijackThis permanently prevent them from loading as long as you are sure you do not need them.

As far as those DLLs you could not find, are you sure you have enabled viewing of hidden files and that you have unchecked the option to Hide extensions for know file types?

 

The below two should be uninstalled using Add/Remove programs:
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup

If you cannot find an uninstall, have HijackThis fix those two lines and then boot to safe mode and delete:
C:\Program Files\SpyKiller <--- the whole folder
C:\Program Files\BestPopUpKiller <--- the whole folder

Then reboot and post a new HJT log.

 

SpyKiller is on this list http://www.spywarewarrior.com/rogue_anti-spyware.htm of rogue/suspect spyware removal tools. Read the information there for yourself. All products by this company should be suspect including their popup blocker (which is not needed if you switch to FireFox as a browser).

I'm not sure what it is finding that the others are not but this is typical and in its case it could be false positives. If you want to see what I mean,. run download, install and run Spy Sweeper See if it finds anything after you have run SpyKiller.

 

Without the O4 line, your modem would more than likely not function properly.

Have you tried looking for new device drivers for your modem? You right about this belonging in another forum (like Hardware for example).

But let's take a quick look at Generating a StartupList log using HijackThis.

Run HJT and on the first screen, click the button that says "Open the Misc Tools section". In the next window first select "List also minor sections (full)" and then click the button that says "Generate StartupList log". CLick Yes to the Do you want to continue prompt. Now a notepad window will come up with the Startuplist.txt file. It is already saved in the the directory HJT is running from. So just come back here and upload the file as an attachment to your next message.