Hello and welcome to Techspot.
Boot into safe mode. See how HERE.
http://www.bleepingcomputer.com/forums/tutorial61.html
Turn off system restore.(XP/ME only) See how HERE.
http://www.bleepingcomputer.com/forums/tutorial56.html
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.
http://www.bleepingcomputer.com/forums/tutorial62.html
Run a full system scan and delete whatever it finds. It may well be that the infection is resident in one of your restore points. No antivirus programme can delete anything in a restore point. Turning off system restore will delete all your restore points and any infections that are in them.
Once you`ve done that, follow the instructions below.
Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O19 - User stylesheet: C:\Documents and Settings\Yenny Su\text.txt
Click on the fix checked button.
Close HJT.
Reboot into normal mode and turn system restore back on.
Regards Howard :wave: :wave:
