Well the analysis of the hjt log,
Check the following against VirusTotal; if not legit, fix:
C:\DOCUME~1\Donovan\LOCALS~1\Temp\MSI3CB.tmp
C:\Documents and Settings\All Users.WINDOWS\Application Data\SeekappSrch\seekapp139.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
Unnecessary (deactivated) entry that can be fixed. Ycomp*_*_*_*.dll - Yahoo Companion!, Yahoo Companion!
O4 - HKLM\..\RunOnce: [aero] RunDll32.exe shell32.dll,Control_RunDLL desk.cpl,,2
Unknown application. Check
O16 - DPF: PackageCab - http://ak.imgag.com/imgag/cp/install/AxCtp2.cab
Check if you know this site and fix it if you do not.
Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed.
If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc,
it should be fixed!
O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - http://apps.corel.com/nos_dl_manager_dev/plugin/IEGetPlugin.ocx
Check if you know this site and fix it if you do not. Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab
Spyware related and slows the computer down.
Check if you know this site and fix it if you do not. Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) -
https://disney.go.com/games/downloads/gamemanager/DIGGameManager.cab! Is safe, nuisance score o
O23 - Service: SeekappSrch Service - Unknown owner - C:\Documents and Settings\All Users.WINDOWS\Application Data\SeekappSrch\seekapp139.exe
Your computer has been severely infected by malware, that is SEEKAPP139.EXE. This is quite dangerous and unsafe for your PC and there may be other infections on your PC. You should urgently check your PC and remove any malicious application including SEEKAPP139.EXE as soon as possible.
Location : C:\Documents and Settings\All Users\Application Data\SeekappSrch\seekapp139.exe
Type : Malware
Dangerous : YES
Removal : Immediately
How to remove using ComboFix:
http://forums.majorgeeks.com/showthread.php?p=1331439
Follow the instructions there to remove this from Firefox.
KILLALL with ComboFix, look where these items actually are on your machine, and give these files and paths following the example below:
Driver::
seekapp139
File::
C:\Program Files\Mozilla Firefox\extensions\{4548ECB8-DA60-439A-A00D-5C893F8E1F9A}\chrome\seekapp.jar
C:\Program Files\Mozilla Firefox\searchplugins\seekapp139.xml
C:\Documents and Settings\All Users\Application Data\SeekappSrch\seekapp139.exe
Folder::
C:\Program Files\SeekappSrch
You will be known as the young malware fighter that learned cleansing the hard way, namely by self-infection, also known as the procedure of self-infliction.
polonus
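
Added example, not part of the post above and not HijackThis's own code: a small Python triage of HijackThis O-entries that applies the rules quoted in the post (O2 with no file, the O16 keyword check, O23 with unknown owner). The sample log lines, CLSIDs and example.test URLs are constructed, and the function names are hypothetical.

```python
import re

# Words the post says make an O16 (ActiveX download) entry an automatic fix.
SUSPECT_WORDS = ("dialer", "casino", "free plugin")
ENTRY = re.compile(r"^(O\d+)\s+-\s+(.*)$")

def triage(line):
    """Return (section, verdict) for one HijackThis O-entry, else None."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    section, body = m.group(1), m.group(2)
    low = body.lower()
    if section == "O2" and low.endswith("(no file)"):
        return section, "fix: BHO entry points at no file"
    if section == "O16":
        if any(word in low for word in SUSPECT_WORDS):
            return section, "fix: suspect word in ActiveX name or URL"
        return section, "review: fix unless you know the download site"
    if section == "O23" and "unknown owner" in low:
        return section, "check: scan the service binary before deciding"
    return section, "no rule"

def triage_log(text):
    """Triage every O-entry in a pasted log, skipping header and other lines."""
    results = []
    for line in text.splitlines():
        verdict = triage(line)
        if verdict is not None:
            results.append(verdict)
    return results

# Constructed sample log lines (placeholder CLSIDs, paths and hosts).
SAMPLE = r"""Logfile of HijackThis (constructed sample)
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - (no file)
O4 - HKLM\..\Run: [ExampleApp] C:\Program Files\Example\app.exe
O16 - DPF: {00000000-0000-0000-0000-000000000002} (Free Plugin Loader) - http://downloads.example.test/loader.cab
O16 - DPF: {00000000-0000-0000-0000-000000000003} (Example Control) - http://vendor.example.test/control.cab
O23 - Service: Example Service - Unknown owner - C:\ProgramData\Example\svc.exe
"""

if __name__ == "__main__":
    for section, verdict in triage_log(SAMPLE):
        print(section, "->", verdict)
```

A "review" or "check" verdict only marks the entry for a manual look; it does not say the file is malicious.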