Boot into safe mode. See how HERE.
http://www.bleepingcomputer.com/forums/tutorial61.html
Turn off system restore.(XP/ME only) See how HERE.
http://www.bleepingcomputer.com/forums/tutorial56.html
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.
http://www.bleepingcomputer.com/forums/tutorial62.html
Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.
Click on the processes tab and end process for(if there).
msnappm.exe
Close task manager.
Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080
<only fix this, if you don`t know what it is, or your have not set this yourself.
O4 - HKLM\..\Run: [msnsyslog] C:\WINDOWS\msnappm.exe
O8 - Extra context menu item: Allow pop-ups from this site - C:\Program Files\Hotkey Velocity\pac-addwl.html
O8 - Extra context menu item: Refresh Pa&ge with Full Quality - C:\Program Files\Hotkey Velocity\pac-page.html
O8 - Extra context menu item: Refresh Pi&cture with Full Quality - C:\Program Files\Hotkey Velocity\pac-image.html
O17 - HKLM\System\CCS\Services\Tcpip\..\{43E9D94F-EE94-4B0E-B47A-C86BDDB5CE82}: NameServer = 203.134.24.70 203.134.26.70
<only fix this, if it doesn`t belong to your ISP.
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
Click on the fix checked button.
Close HJT.
Locate and delete the following
bold files and/or directories(if there).
C:\WINDOWS\
msnappm.exe
Reboot into normal mode and turn system restore back on.
Regards Howard
