This is my 1st time using Hijackthis and i have almost no clue on how to remove the spyware on the log, can anyone give me some help on how to remove it or what program i should use to remove it? I have a log posted below, not sure what i should delete or leave.

Thanks in advance.

Edit: ahh, just figured out how to remove things. but i still need help on what i should remove.

Edit: changed the attachment to a txt file

Attached Files

hijackthis.txt (6.8 KB, 5 views)

Nobody in their right mind will open a .doc file (MS and virus)
Repost please with a .txt extension.

can anyone help?

Move your HJT to its OWN directory, don't run it from the desktop!

Boot in Safe mode.

Switch OFF Restore Points.

UNinstall anything to do with:
C:\Program Files\Optimum Online\Netsurf.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\LiveUpdate\LiveUpdate.exe
C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll
C:\Program Files\Ares Lite Edition\AresLite.exe

Next, click Ctrl/Alt/Del and in Taskmanager try to STOP these processes:
C:\WINDOWS\system32\msjv.exe
C:\WINDOWS\addfj32.exe
C:\WINDOWS\Drivers\netdll.exe
C:\WINDOWS\system32\mstb32.exe

Next, run HJT on its own and let it 'fix' (if still there):
C:\Program Files\Optimum Online\Netsurf.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\addfj32.exe
C:\Program Files\Spyware Doctor\swdoctor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\mgdwg.dll/sp.html#37049
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\mgdwg.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\mgdwg.dll/sp.html#37049
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {395654E0-C152-DEFC-F1D5-D4ED74FC94EC} - C:\WINDOWS\javaer32.dll
O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [Optimum Online] C:\Program Files\Optimum Online\Netsurf.exe -tray
O4 - HKLM\..\Run: [netdll] C:\WINDOWS\Drivers\netdll.exe
O4 - HKLM\..\Run: [mstb32.exe] C:\WINDOWS\system32\mstb32.exe
O4 - HKLM\..\Run: [msjv.exe] C:\WINDOWS\system32\msjv.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKCU\..\Run: [areslite] "C:\Program Files\Ares Lite Edition\AresLite.exe" -h
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/ca...C_1_0_0_44.cab
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - http://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex...l_v1-0-3-0.cab
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINDOWS\msopt.dll (file missing)
O23 - Service: Network Security Service (NSS) - Unknown - C:\WINDOWS\addfj32.exe

When done, delete the bold files. When a directory is also bold, delete everything in it, including that directory itself.

Clean all contents from your Temp. Internet Files in IE and Firefox.
Clean all contents from: c:\Documents and Settings\[username]\Local Settings\Temp

If all is OK, switch ON Restore Points.