Re:
Dear
liverpoolrdbest, please follow the instructions given below carefully..
1.) Clean up your temp. files and Recycle Bin using the Windows Disk Cleanup Utility.
2.) Download Killbox and save it to your desktop.
3.) Restart Windows into Safe mode.
4.) Scan using HJT and fix the following entries.
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,rundll32.exe C:\WINDOWS\system32\winsys16_070307.dll start
O2 - BHO: AdPopup - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:\Program Files\Common Files\CPUSH\cpush0.dll
O2 - BHO: (no name) - {12076efe-e887-42ad-ae2b-1b294ae19f4f} - C:\WINDOWS\system32\42adntos.dll
O2 - BHO: Sodui Search - {35EC0410-555E-4402-B372-D9A6E0BF6795} - C:\WINDOWS\system32\winveu74.dll
O2 - BHO: HelpIE Class - {589A6FED-A214-4FE3-8D1E-CD07BC634D89} - C:\WINDOWS\system32\HelpIE.dll
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {d8b5225b-3efa-41ee-8b0d-4e03f37a8dbf} - C:\WINDOWS\system32\41eecfsb.dll
O2 - BHO: MyFavor Web - {F7F49040-389C-4f1f-A825-06D5328EAE59} - C:\WINDOWS\system32\MyFavor.dll
O4 - HKLM\..\Run: [ms3dldrv] C:\WINDOWS\2007331205331230.exe
O4 - HKLM\..\Run: [upxdnd] C:\DOCUME~1\GRANTJ~1\LOCALS~1\Temp\upxdnd.exe
O4 - HKLM\..\Run: [msccrt] C:\WINDOWS\2007331221352593.exe
O4 - HKLM\..\Run: [sInit117.exe] C:\WINDOWS\system32\sInit117.exe Auto
O4 - HKLM\..\Run: [kernelmh] C:\WINDOWS\Kernelmh.exe
O4 - HKLM\..\Run: [wsttrs] C:\WINDOWS\20074222657878.exe
O9 - Extra button: (no name) - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - (no file)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: flmh - {DA41220C-FF67-4750-A210-F291283106B5} - C:\PROGRA~1\eklg\flmh.dll
O21 - SSODL: wbwk - {12311512-2C1D-44b2-A044-872AD2AD5A61} - C:\PROGRA~1\eklg\flmh.dll
O23 - Service: Cryptographic Server (CryptographicServer) - Unknown owner - C:\WINDOWS\system32\mshtmlsed.exe
5.) Double-click on Killbox.exe to run it.
Put a tick by Standard File Kill.
In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time.
Click on the button that has the red circle with the X in the middle after you enter each file.
It will ask for confimation to delete the file.
Click Yes.
Continue with that procedure until you have pasted all of these in the "Paste Full Path of File to Delete" box.
C:\WINDOWS\system32\mshtmlsed.exe
C:\WINDOWS\system32\MSRundll.exe
C:\WINDOWS\system32\sInit117.exe
C:\WINDOWS\20074222657878.exe
C:\WINDOWS\system32\MSRundll.exe
C:\WINDOWS\system32\winsys16_070307.dll
C:\Program Files\Common Files\CPUSH\cpush0.dll
C:\WINDOWS\system32\42adntos.dll
C:\WINDOWS\system32\winveu74.dll
C:\WINDOWS\system32\HelpIE.dll
C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
C:\WINDOWS\system32\41eecfsb.dll
C:\WINDOWS\system32\MyFavor.dll
C:\WINDOWS\2007331205331230.exe
C:\DOCUME~1\GRANTJ~1\LOCALS~1\Temp\upxdnd.exe
C:\WINDOWS\2007331221352593.exe
C:\WINDOWS\system32\sInit117.exe
C:\WINDOWS\Kernelmh.exe
C:\WINDOWS\20074222657878.exe
C:\WINDOWS\web\related.htm
C:\WINDOWS\system32\WPDShServiceObj.dll
C:\PROGRA~1\eklg\flmh.dll
C:\PROGRA~1\eklg\flmh.dll
Note: It is possible that Killbox will tell you that one or more files do not exist.
If that happens, just continue on with all the files. Be sure you don't miss any.
6.) Restart Windows normally.
7.) Goto Start Menu/Run and type "SFC /scannow". Insert your OS CD and let it do the repairs with the OS.
8.) Make sure that you are using the latest version of Java.
I've installed hardly anthing and haven't used it much but...
