Boot in Safe Mode.
Switch System restore OFF.
Press Ctrl/Alt/Del simultaneously, select Taskmanager/Processes, select the process (if there), click "End Process" for:
MsgPlus.exe
OpenClock.exe
Next, UNinstall anything to do with:
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\DOCUME~1\Home\APPLIC~1\THESIZ~1\OpenClock.exe
Next, run a HJT scan and place a tick-mark in the little square before (if still there):
...................................................................................................
C:\Program Files\
MessengerPlus! 3\MsgPlus.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.fvhnlpvttwolwucs.com/IHa...rqCgdBA7wPvE58fuBK4eo640btAhbef0JDoOr8EM.html
O2 - BHO: (no name) - {4C11C419-291A-5B5A-4CC7-E5796A6A8141} - (no file)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Heck 4] C:\DOCUME~1\Home\APPLIC~1\
THESIZ~1\OpenClock.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
FIX ALL your O16 - DPF: entries
...................................................................................................
Now click on the
Fix Checked button in HJT.
When done, from between the dotted lines, delete the highlighted
bold files.
When a \
directory-name\ is
bold, delete everything in it, including that directory itself.
Delete all files and directories from: C:\Documents and Settings\[username]\Local Settings\Temp
Repeat this for ALL [usernames].
Boot normal. When all OK, switch System Restore back on.
