ok im the administrator on a comp with five other users . on my daughters account is this system tool 2011 but its not effecting anyother accounts. my question is when trying to remove this do i need to do it from the infected account or can i do it on my account (admin) and if i have to on her side nothing will come up i was able to shut down the process but even after that everything freezes ie wont come up all the way so i can go to the bleepingcomputer site. so can i dl from the bleepingcomputer site on the admin side or does it have to be done on the infected account.

Hello, and welcome to The Ultimate Geek TaskForce!

Please note the following information about the malware forum:

• Only Trained Advisors, Moderators and Administrators are allowed to give advice on removing malware from your computer.
  
• From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by the staff I noted above.
  
• Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  
• If you have already asked for help somewhere, please post the link to the topic you were helped.
  
• We try our best to reply quickly, but for any reason we do not reply in two days, do this:
  
  Reply to this topic with the word BUMP.
  
  
• Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

---

Yes, you can do it from any account.

Let's do this together...

Scan for malware

Please download Malwarebytes Anti-Malware from Download.CNET.com.
Alternate link: BleepingComputer.com.
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

Double Click mbam-setup.exe to install the application.

(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this, will cause the infection to still be active on the computer.
  
• Please save the log to a location you will remember.
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  
• Copy and paste the entire report in your next reply.

ok so i didnt realize you would get back to me so quick i thank you. i was reading on some of the things you told others and dled the mawarebytes and checked both boxes but i hit full scan before i saw your post its already showing like 15 things wrong. should i abort full scan to do quick? or just let the full scan continue

Abort it and do quick scan. Best idea.

Remove the items once you abort, and then run the quick scan.

ok i aborted full scan and is now doing quick i got a report of the 15 items that i removed i dont know if you want me to post it. if you do i will post it first whwn i post up the quick scan results . if thats what im supposed to do lol and again ty for being so fast i already love your site


ok upon looking at the report of things quarenteened(sp) i noticed iolo being some of the infected things. and that is part of my systems mechanic antivirus hmm maby its just catching the already quarenteened items from iolo

It does catch quarantined items. Should be fine. Yeah, go ahead and post the report from the first scan as well as the quick scan log.

ok here are the two logs. and wow there is alot of stuff is this normal?



Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5418

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/29/2010 12:16:33 PM
mbam-log-2010-12-29 (12-16-33).txt

Scan type: Full scan (C:\|D:\|Q:\|)
Objects scanned: 48468
Time elapsed: 10 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 8
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 7

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{11C27351-716B-4052-9361-E3B0A3F8221C} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\all users\application data\iolo\system shield\quarantined\a0153411.exe.infected (Rogue.MySecurityShield) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\iolo\system shield\quarantined\mysecurityshield.exe.infected (Rogue.MySecurityShield) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\iolo\system shield\quarantined\packupdate107_302[1].exe.infected (Rogue.Installer) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\iolo\system shield\quarantined\retrogamer.exe.infected (Adware.Iwon) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\iolo\system shield\quarantined\webfetti.exe.infected (Adware.Iwon) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\iolo\system shield\quarantined\zwinky.exe.infected (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\pgheg06300\pgheg06300.exe (Rogue.SystemTool) -> Quarantined and deleted successfully.



Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5418

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/29/2010 1:29:01 PM
mbam-log-2010-12-29 (13-29-01).txt

Scan type: Quick scan
Objects scanned: 268328
Time elapsed: 1 hour(s), 11 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 2
Registry Data Items Infected: 2
Folders Infected: 43
Files Infected: 154

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\GamevanceText.DLL (Adware.GameVance) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AvScan (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790577BC7655573EA895 (Malware.Trace) -> Value: SRS_IT_E8790577BC7655573EA895 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Folders Infected:
c:\documents and settings\all users\application data\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\gabrielle\application data\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\SeekmoSA (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\IESkins (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\HostOI (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\HostOI\dynamic (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\HostOI\static (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\HostOL (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\HostOL\dynamic (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\HostOL\static (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\ustat (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\weatherdpa (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\weatherdpa\Weather (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\weatherdpa\Weather\weatherdpa (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\weatherdpa\Weather\weatherdpa\weather_xml (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.523.0 (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.523.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.523.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.523.0\firefox\extensions\plugins (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464} (Adware.QueryExplorer) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\chrome (Adware.QueryExplorer) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\defaults (Adware.QueryExplorer) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\defaults\preferences (Adware.QueryExplorer) -> Quarantined and deleted successfully.
c:\program files\Seekmo (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0 (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0\firefox (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0\firefox\extensions (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0\firefox\extensions\components (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0\firefox\extensions\plugins (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\clickpotato (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\Seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.

Files Infected:
c:\documents and settings\Cesslie\my documents\downloads\setupplaysushi(2).exe (Adware.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\Cesslie\my documents\downloads\setupplaysushi.exe (Adware.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\gabrielle\my documents\downloads\iwonsetup2.3.50.57.sa.hp.zlfox000(2).exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\plugins\npclntax_seekmosa.dll (Adware.SeekMo) -> Quarantined and deleted successfully.
c:\RECYCLER\s-1-5-21-2021444666-2160809809-2054387210-1008\Dc4\webfettisetup2.3.50.45.zkman000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\WINDOWS\010112010146118114.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\documents and settings\Kids\Desktop\system tool 2011.lnk (Rogue.SystemTool) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesa.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesaabout.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesaau.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesaeula.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesa_hpk.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesa_kyf_update.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\SeekmoSA\SeekmoSA.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\SeekmoSA\seekmosaabout.mht (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\SeekmoSA\seekmosaau.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\SeekmoSA\seekmosaeula.mht (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\SeekmoSA\seekmosa_kyf.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\1.sdf (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\3852203.sdf (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\domains.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\12435 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\12776 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\159529 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\26664 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\297534 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\34237 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\34374 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\34513 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\39228 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\40256 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\42208 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\423530 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\42425 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\639731 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\66493 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\66836 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\744513 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\745146 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\745556 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\747928 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\748397 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\748405 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\tooltipxml\93899 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\dynamic\ustat\383c.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_explorer-people.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\email-def-511724-548964.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\btntrans.idx (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\btntrans1.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\buttondir.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\components.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\cursors.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_511745-514279.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_categorize.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_comparison.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_explorer-mails.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_favorites.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_games.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_hide.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_hotbarcom.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_hotmail.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_hsskin.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_mails.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_new.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_premium.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_searchfor.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_searchgo.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_weather.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\default_yellowpages.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_1000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_2000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_3000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_bar.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_bbar1.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_logos.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_other.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_weather.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\email-def-511724-9595.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\email-t1-bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\icons2.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\ie_games_icon.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\ie_video.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\keywords.idx (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\keywords1.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\layout.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\linkpathlegal.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\progress.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\sales_buttons.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\seekmo.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\seekmo_ie_menu.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\s_icons_buttons.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\t2_bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\theweb.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\top7.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\top7_theweb.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\1\tsd_bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\BtnTrans.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\btntrans1.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\buttondir.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\cursors.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\email-t1-bg.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\icons2.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\sales_buttons.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\samplegroups2.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\samplegroups2.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\seekmo.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\seekmo_ie_menu.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\s_icons_buttons.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\t2_bg.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\top7.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\tsd_bg.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_1000.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_2000.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_3000.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_bar.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_bbar1.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_logos.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_other.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\default.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_weather.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\ie_games_icon.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\ie_video.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\keywords.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\keywords1.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\layout.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\Seekmo\v3.0\Seekmo\static\DownLoad\linkpathlegal.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\Josh\application data\weatherdpa\Weather\weatherstartup.xml (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.523.0\firefox\extensions\chrome.manifest (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.523.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\chrome.manifest (Adware.QueryExplorer) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\install.rdf (Adware.QueryExplorer) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\chrome\queryexplorer.jar (Adware.QueryExplorer) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\defaults\preferences\prefs.js (Adware.QueryExplorer) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0\arrow.ico (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0\copyright.txt (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0\CoreSrv.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0\HostIE.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0\link.ico (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0\seekmosaax.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0\seekmosadf.exe (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0\seekmouninstaller.exe (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0\WeSkin.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0\firefox\extensions\chrome.manifest (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0\firefox\extensions\install.rdf (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0\firefox\extensions\components\npclntax.xpt (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\program files\Seekmo\bin\10.3.84.0\firefox\extensions\plugins\npclntax_seekmosa.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\clickpotato\About Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\clickpotato\clickpotato customer support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\clickpotato\clickpotato uninstall instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\Seekmo\reset cursor.lnk (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\Seekmo\seekmo customer support center.lnk (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\Seekmo\seekmo uninstall instructions.lnk (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\Seekmo\Weather.lnk (Adware.Seekmo) -> Quarantined and deleted successfully.

ESET Online Scan

Please run a free online scan with the ESET Online Scanner

• Tick the box next to YES, I accept the Terms of Use
  
• Click Start
  
• When asked, allow the ActiveX control to install
  
• Click Start
  
• Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  
• Click Scan (This scan can take several hours, so please be patient)
  
• Once the scan is completed, you may close the window
  
• Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  
• Copy and paste that log as a reply to this topic