Hello there and welcome to BleepingComputer.
Buddy215 doesn't deal with HijackThis logs, so I'll be helping you from now on, my name is Charles.
Please print off a copy of these instructions, and also save them to a Notepad file on your desktop, so they are easily accessible.
We are going to boot into Safe Mode later in the fix, and there is no internet access.
Scan again with HijackThis and put a checkmark next to each of the following entries (if present):
F2 - REG:system.ini: Shell=Explorer.exe SSVICHOSST.exe
O4 - HKCU\..\Run: [MsServer] msfir80.exe
Then close all other windows--you should only see HijackThis on your Desktop--and click the Fix checked
Please reboot your computer into Safe Mode
This is done by rebooting Windows and pressing F8
at boot/Windows startup, usually right after the beep.
Then select Safe Mode from the list.
Make sure you choose the option without Networking Support.
Set your system to show all
I'm not sure if you will be able to do this since you said it was not possible, but I'm hoping you will be able to do it in Safe Mode.
Navigate to Start | My Computer | Tools | Folder Options
Select the View
tab. Under the "Hidden Files and Folders" heading, select "Show hidden files and folders".Un
check: Hide file extensions for known file typesUn
check the Hide protected operating system files (recommended) option.
Navigate to Start | Search | All files and folders
Expand More advanced options
, check 'Search system folders', 'Search hidden files and folders' and 'Search subfolders'.
Paste this into the All or part of the file name
If you find any examples of these, please remove them.
Reboot into Normal Mode again.
Then scan once more with HijackThis and post back the log in your next reply.
Edited by rookie147, 31 October 2007 - 10:05 AM.