Spyware threat has been detected on your PC found, but not sure if removed

[zooner43]

I had the same problem as some of the other people in this forum where my desktop background was blue with the words "Warning:Spyware threat has been detected on your PC" written.
I looked at your Viruses/Spyware/Malware, preliminary removal instructions guide and I did everything in order (hopefully). The background spyware images are gone but I just wanted to make sure that there arent any other problems lingering so I attached my LOGS that you asked for.
There was nothing found on the Panda Antirootkit programme.
Thanks in advance

 

[jimjams]

Why was the three things in Report-Scan 'no action taken'?

 

[kritius]

Doesnt matter, theyre in system restore.

 

[jimjams]

I think they do

cause thats why when you are dis-infecting a system they ask you to de-activate system restore...

 

[kritius]

You shouldnt do that, at the minute those things cant hurt you until you use that restore point, the only time you disable system restore when doing a fix is when the computer is clean and you want to give it a clean restore point.

Fix entries using HiJackThis

• Launch HiJackThis
• Click the Do a system scan only button
• Put a check next to the entries listed below

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wmsdkns.exe,
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll (file missing)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)

• IMPORTANT: Do NOT click fix until you exit all browser sessions including the one you are reading in right now
• Click the Fix checked button and close HiJackThis
• Reboot HijackThis if necessary

Reboot into safe mode.

Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.

Using Windows Explorer (to get there right-click your Start button and go to "Explore"), please delete this file (if present):

C:\WINDOWS\system32\wmsdkns.exe,

After that, Reboot, and post a new HijackThis log here in a reply as well as describing how your computer is running at the minute.

 

[zooner43]

newest log

Hey guys,
I appreciate the replies, Here is the newest Hijackthis log. I couldnt find the C:\WINDOWS\system32\wmsdkns.exe file by the way. My computer seems to be running fine so far.