Hijack This Log File - Help Please

Status
Not open for further replies.
Boot in Safe Mode.
Press Ctrl/Alt/Del simultaneously, select Task Manager/Processes, select the process (if there), click "End Process" for:

PSTORES.EXE

Next, run an HJT scan and place a tick-mark in the little square before (if still there):
C:\WINDOWS\SYSTEM\PSTORES.EXE
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
O16 - DPF: {70522FA2-4656-11D5-B0E9-0050DAC24E8F} - http://cc.iwon.com/ct/pm3/iwonpm_12_1,0,2,5.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = end
Unless the IP addresses are from your ISP, fix this second O17 line as well:
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 207.69.188.186,207.171.20.2

Now click on the Fix Checked button in HJT.
When done, delete the highlighted bold file.
Delete all files and directories from: C:\Documents and Settings\[username]\Local Settings\Temp
Repeat this for ALL [usernames].
OR WHEREVER 'TEMP' IS LOCATED IN W98.

Boot normally.
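Added example, not part of the original reply: a small Python reader for HijackThis entry lines like the ones listed above, attaching a review note per section code. The function names and the `isp_dns` parameter are assumptions; the sample lines are copied from the reply.

```python
import re
from urllib.parse import urlparse

# Constructed sample: one process path and five entry lines copied from the reply above.
SAMPLE_LOG = r"""C:\WINDOWS\SYSTEM\PSTORES.EXE
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 207.69.188.186,207.171.20.2
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")

def parse_entries(log_text):
    """Return (section, body) pairs for lines shaped like 'O2 - ...'; other lines are skipped."""
    matches = (ENTRY_RE.match(line.strip()) for line in log_text.splitlines())
    return [(m.group(1), m.group(2)) for m in matches if m]

def review_notes(section, body, isp_dns=()):
    """Notes for one entry; isp_dns (hypothetical) lists resolvers known to belong to the ISP."""
    value = body.split(" = ", 1)[1] if " = " in body else ""
    notes = []
    if section == "R1" and "ProxyServer" in body and re.search(r"localhost|127\.0\.0\.1", value):
        notes.append("IE proxy points at the local machine")
    if section == "O2" and body.endswith("(no file)"):
        notes.append("BHO registered but its file is missing")
    if section == "O6":
        notes.append("IE options locked by policy key")
    if section == "O16":
        url = re.search(r"https?://\S+", body)
        if url:
            notes.append("ActiveX control downloaded from " + urlparse(url.group()).hostname)
    if section == "O17" and "NameServer" in body:
        unknown = [ip.strip() for ip in value.split(",") if ip.strip() not in isp_dns]
        if unknown:
            notes.append("DNS servers to confirm with ISP: " + ", ".join(unknown))
    return notes

def review(log_text, isp_dns=()):
    """Map each entry line that has at least one note to its notes."""
    report = {}
    for section, body in parse_entries(log_text):
        notes = review_notes(section, body, isp_dns)
        if notes:
            report[section + " - " + body] = notes
    return report
```

Passing the resolver addresses supplied by the ISP as `isp_dns` suppresses the O17 note for those addresses, which mirrors the "unless the IP addresses are from your ISP" condition in the reply.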
 
Hijack this log 2

I did everything you suggested in the last reply; I did not see a "highlighted bold file" to delete, though.
Attached is my new HJT log, it is fresh from the restart of the computer after doing the fixes you suggested.
Is there anything else I need to do?
This computer keeps saying there isn't a connection to the internet every time I try to delete a file in Windows Explorer, and tries to log on a lot on its own.
Thanks in advance for the help.
Sandi
SadEyes
 
Thanks for the help.
It is the computer we have at the leather store that I take classes and help out at.
The store computer, my home computer, a friend's work and home computers, and another friend's 2 home computers all have some crazy virus or adware stuff going on with them and I am trying to figure out what to do with it.

As far as using Trojan Remover...the trial period on the work - store computer has expired. Is it a program we should purchase? Can the software be used on more than one computer?

My home computer is doing that...trying to connect without my wanting it to.

Is there any other way of getting rid of a rogue virus?

Thanks for all of your help
Sandi
 
On that WORK-PC I notice you run 2 AV programs, NAV and AVG.
Get rid of that NAV-junk and stick with AVG.

Between you and your friends, you must have passed around a CD or floppy with the same infection. Or you all went to the same LAN-party and picked it up there.
Look at the different versions available for Trojan Remover. By all means buy it, it's one of the best!

Read this about rogue diallers:
http://www.wanadoo.co.uk/help/internetsecurity/roguedialler.htm
 
Hijack This Log File - Help Please - Thank you

I think I have the work/store computer figured out...have to do some rogue dialler research and see what we can do to see if we have one and if so, what we can do with it. But overall it is running faster and acting better.

Thank you for your help.
I hope that you don't grow annoyed with my many current computers that are having problems.
I appreciate your help
Sandi
 