Author Topic: I've been jacked =(  (Read 546 times)

Jeffrey Lewis (Guest)
« on: April 14, 2005, 11:02:00 AM »
I could use some help, please. I got the SmartSecurity desktop yesterday and I think I have cleaned everything up. But through the process I seem to have messed something up... I can no longer install or remove programs. I get an "Unable to execute file in the temporary directory. Setup aborted. Error 2: The system cannot find file specified." I can install programs in safe mode. I have checked the TEMP and TMP environment variables and they are fine. Other programs that use the temp directory seem fine, like WinZip. I have included the HijackThis log below. Please advise. Thanks.

Also, what is this se.dll? I think it's from Spy Sweeper?

Logfile of HijackThis v1.99.1
Scan saved at 10:49:41 AM, on 4/14/2005
Platform: Windows 2000 SP2 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP2 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\ati2plab.exe
C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe
C:\WINNT\CPQDIAG\CPQDFWAG.EXE
C:\PROGRA~1\Compaq\COMPAQ~2\CPQWEB~1\WebDmi.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\snmp.exe
C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\PROGRA~1\Compaq\COMPAQ~2\cpqdmi.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\Promon.exe
C:\WINNT\System32\Atiptaxx.exe
C:\Program Files\Compaq\HotKey Software\hkss.exe
C:\PROGRA~1\Compaq\Security\Secure32.exe
C:\Program Files\Compaq\PowerCon Enhancements\CPQAcDc.Exe
C:\WINNT\System32\tp4serv.exe
C:\WINNT\System32\PRPCUI.exe
C:\PROGRA~1\Compaq\COMPAQ~2\CHKADMIN.EXE
C:\WINNT\system32\msmsgri32.exe
C:\WINNT\System32\atipalxx.exe
C:\WINNT\System32\atipalxx.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Outlook Express\msimn.exe
S:\JeffL\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\JMLEWIS\LOCALS~1\Temp\se.dll/spage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.scimar.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.altavista.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\JMLEWIS\LOCALS~1\Temp\se.dll/spage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {01A5E799-5D38-4002-9E52-ACC475B7731C} - C:\WINNT\System32\fgoc.dll (file missing)
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Promon.exe] Promon.exe
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [hkss] C:\Program Files\Compaq\HotKey Software\hkss.exe
O4 - HKLM\..\Run: [Compaq Computer Security] C:\PROGRA~1\Compaq\Security\Secure32.exe
O4 - HKLM\..\Run: [CPQAcDc] C:\Program Files\Compaq\PowerCon Enhancements\CPQAcDc.Exe
O4 - HKLM\..\Run: [TrackPointSrv] tp4serv.exe
O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI.exe
O4 - HKLM\..\Run: [ChkAdmin] C:\PROGRA~1\Compaq\COMPAQ~2\CHKADMIN.EXE
O4 - HKLM\..\Run: [IMAQBoot] C:\Program Files\National Instruments\NI-IMAQ\bin\ImaqBoot.exe
O4 - HKLM\..\Run: [System Initialization] C:\WINNT\system32\msmsgri32.exe
O4 - HKLM\..\Run: [atipalxx] C:\WINNT\System32\atipalxx.exe
O4 - HKLM\..\Run: [Srf] C:\WINNT\Mir.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [PayTime] C:\WINNT\System32\paytime.exe
O4 - HKLM\..\Run: [Disk Keeper] C:\WINNT\System32\Services\{13B5C052-3BC2-4DF4-8182-B20D3CABA539}\SECURITY.EXE
O4 - HKLM\..\RunServices: [atipalxx] C:\WINNT\System32\atipalxx.exe
O4 - HKCU\..\Run: [atipalxx] C:\WINNT\System32\atipalxx.exe
O4 - HKCU\..\Run: [PayTime] C:\WINNT\System32\paytime.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Startup: PowerReg Scheduler.exe
O16 - DPF: {7A55E254-FE2A-6E25-DA4F-60653A9EE2BB} - http://69.31.82.26/1/gdnUS10.exe
O16 - DPF: {B3872502-F9FD-4E96-93FF-0D37298F0689} (SOESysInfo Control) - http://everquest2.station.sony.com/beta_reg/soesysinfo.cab
O20 - Winlogon Notify: drct16 - C:\WINNT\SYSTEM32\drct16.dll
O23 - Service: Trace network connections (ACCRA) - Unknown owner - C:\WINNT\System32\mocih.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\ati2plab.exe
O23 - Service: Compaq Local Alerter (CPQALERT) - Compaq Computer Corporation - C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe
O23 - Service: Compaq Remote Diagnostics Enabling Agent (CpqDfwWebAgent) - Compaq Computer Corporation - C:\WINNT\CPQDIAG\CPQDFWAG.EXE
O23 - Service: cpqdmi - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~2\cpqdmi.exe
O23 - Service: Compaq DMI Web Agent (cpqWebDmi) - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~2\CPQWEB~1\WebDmi.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Provides three management service (FreeBSD) - Unknown owner - C:\WINNT\System32\dev32.exe (file missing)
O23 - Service: OpcEnum - Unknown owner - C:\WINNT\SYSTEM32\Opcenum.exe
O23 - Service: Win32Sl (WIN32SL) - Intel - C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe
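
Triage of a log like the one above can be scripted. The following is an added example written for this page; it is not part of the original post and not HijackThis's own code. It applies a handful of heuristics that are this example's own assumptions (a deliberately tiny allowlist of trusted system-directory autoruns, and treating res:// values under a Temp directory, about:blank search settings, ActiveX downloads from a bare IP or of a raw .exe, Winlogon Notify hooks, "Unknown owner" services and "(file missing)" entries as worth a closer look) to a subset of lines copied from the posted log.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Lines copied from the HijackThis log posted above (a constructed subset,
# embedded here so the example runs offline).
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\JMLEWIS\LOCALS~1\Temp\se.dll/spage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.scimar.com/
O2 - BHO: (no name) - {01A5E799-5D38-4002-9E52-ACC475B7731C} - C:\WINNT\System32\fgoc.dll (file missing)
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll
O4 - HKLM\..\Run: [System Initialization] C:\WINNT\system32\msmsgri32.exe
O4 - HKLM\..\Run: [hkss] C:\Program Files\Compaq\HotKey Software\hkss.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O16 - DPF: {7A55E254-FE2A-6E25-DA4F-60653A9EE2BB} - http://69.31.82.26/1/gdnUS10.exe
O16 - DPF: {B3872502-F9FD-4E96-93FF-0D37298F0689} (SOESysInfo Control) - http://everquest2.station.sony.com/beta_reg/soesysinfo.cab
O20 - Winlogon Notify: drct16 - C:\WINNT\SYSTEM32\drct16.dll
O23 - Service: Provides three management service (FreeBSD) - Unknown owner - C:\WINNT\System32\dev32.exe (file missing)
O23 - Service: Compaq Local Alerter (CPQALERT) - Compaq Computer Corporation - C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe
"""

# Every HijackThis line starts with a section code such as R1, O4 or O23.
LINE_RE = re.compile(r"^(?P<sec>[A-Z]\d{1,2}) - (?P<body>.*)$")
SYSTEM_DIR_RE = re.compile(r"\\(winnt|windows)\\system32\\", re.IGNORECASE)
RAW_IP_URL_RE = re.compile(r"^https?://\d{1,3}(?:\.\d{1,3}){3}[/:]", re.IGNORECASE)

# Assumption of this example: an autorun living in the system directory is
# only trusted when its file name is on this (deliberately tiny) allowlist.
KNOWN_SYSTEM_AUTORUNS = {"mobsync.exe"}


@dataclass
class Finding:
    section: str
    line: str
    reasons: List[str] = field(default_factory=list)


def _first_exe(target: str) -> str:
    """Return the executable path at the start of an O4 command line."""
    m = re.match(r'^"?(.*?\.exe)', target, re.IGNORECASE)
    return m.group(1) if m else target


def check_line(line: str) -> Optional[Finding]:
    """Apply the heuristics to one log line; return a Finding or None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    sec, body = m.group("sec"), m.group("body")
    reasons = []
    if body.endswith("(file missing)"):
        reasons.append("entry points at a file that no longer exists")
    if sec in ("R0", "R1") and " = " in body:
        value = body.split(" = ", 1)[1]
        if value.lower() == "about:blank":
            reasons.append("IE search/start setting forced to about:blank")
        elif value.lower().startswith("res://") and re.search(r"\\temp\\", value, re.IGNORECASE):
            reasons.append("IE setting served from a DLL in a Temp directory via res://")
    if sec == "O4" and "] " in body:
        path = _first_exe(body.split("] ", 1)[1])
        name = path.rsplit("\\", 1)[-1].lower()
        if SYSTEM_DIR_RE.search(path) and name not in KNOWN_SYSTEM_AUTORUNS:
            reasons.append(f"autorun of unrecognised system-directory binary {name}")
    if sec == "O16":
        url = body.rsplit(" - ", 1)[-1]
        if RAW_IP_URL_RE.match(url):
            reasons.append("ActiveX download from a bare IP address")
        if url.lower().endswith(".exe"):
            reasons.append("ActiveX entry downloads a raw .exe")
    if sec == "O20":
        reasons.append("Winlogon Notify hook loads a DLL at every logon; review it")
    if sec == "O23" and "Unknown owner" in body:
        reasons.append("service carries no publisher information")
    return Finding(sec, line.strip(), reasons) if reasons else None


def scan(log_text: str) -> List[Finding]:
    """Run check_line over every line of a HijackThis log and keep the hits."""
    findings = []
    for raw in log_text.splitlines():
        f = check_line(raw)
        if f:
            findings.append(f)
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"[{f.section}] {f.line}")
        for r in f.reasons:
            print(f"    - {r}")
```

On the sample above this flags the two se.dll/about:blank search settings, the missing fgoc.dll BHO, the msmsgri32.exe autorun, the raw-IP O16 download, the drct16 Winlogon hook and the unknown-owner service, and leaves the Compaq, Ipswitch and Sony entries alone. It is a screening aid only: a hit is a reason to look closer, not proof of infection, and the allowlist would need to grow for any real machine.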

Jeffrey Lewis (Guest)
« Reply #1 on: April 14, 2005, 01:36:11 PM »
Well, things are worse than I thought. Certain websites do not even come up (like this forum). I'm using a different computer to correspond here. So... any advice would be appreciated. Thanks.

Jeffrey Lewis
« Reply #2 on: April 14, 2005, 03:17:31 PM »
And I just read your instructions and I am now registered and have set up the directory for HijackThis and CWShredder.

guestolo (Administrator)
« Reply #3 on: April 15, 2005, 12:54:25 AM »
Please do an online virus scan at
Panda's
http://www.pandasoftware.com/products/acti...n_principal.htm

and/or

Trend Micro's HouseCall

http://housecall.trendmicro.com/

At either location, set to Autoclean if possible.
Save the reports and post them back with a fresh HijackThis log.
