Hi Geeks to Go!,
I know this is an issue that has been approached before but I've followed the steps on the other posts and my WinMoviePlugIn keeps coming back. I've already run my antivirus (TrendMicro Internet Securty 11 - No findings), AdAware (No Findings) and Ccleaner (Keeps finding the WinMoviePlugIn stuff but it keeps coming back). I'm on a network here and Internet is continually connected.
I've pasted the Logfile of HijackThis below if it helps.
Logfile of HijackThis v1.99.1
Scan saved at 11.39.06, on 30/03/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\Launch Manager\QtZgAcer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Time Sync\time.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Trend Micro\Internet Security\tmproxy.exe
C:\Programmi\Trend Micro\Internet Security\PccPfw.exe
C:\Programmi\Trend Micro\Internet Security\Tmntsrv.exe
C:\Programmi\Trend Micro\Internet Security\PCClient.EXE
C:\Programmi\Trend Micro\Internet Security\PCCGUIDE.EXE
C:\Programmi\Trend Micro\Internet Security\TMOAgent.exe
C:\Programmi\Outlook Express\msimn.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\DAVIS Martin\Impostazioni locali\Temp\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.acer.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 80.204.126.131 www.iscomcuneo.it
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LManager] C:\Programmi\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [pccguide.exe] "C:\Programmi\Trend Micro\Internet Security\pccguide.exe"
O4 - HKLM\..\Run: [PCClient.exe] "C:\Programmi\Trend Micro\Internet Security\PCClient.exe"
O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Programmi\Trend Micro\Internet Security\TMOAgent.exe" /run
O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Programmi\Aethra\ADSL EB1070 USB\CnxTrApp.dll",AppEntry -REG "Aethra\ADSL EB1070 USB"
O4 - HKLM\..\Run: [Time Sync] C:\Programmi\Time Sync\time.exe
O4 - HKLM\..\Run: [Olympic] C:\Documents and Settings\DAVIS Martin\Dati applicazioni\sgrunt\IE4321.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SkySportsCluster] C:\Programmi\Sky Alerts\skinkers.exe
O4 - Startup: Outlook Express.lnk = C:\Programmi\Outlook Express\msimn.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://c:\programmi\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Collegamenti a ritroso - res://c:\programmi\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pagine simili - res://c:\programmi\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Versione cache della pagina - res://c:\programmi\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O15 - Trusted Zone: www.acer.it
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1092296314776
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B2F49FB} - http://www.sgrunt.biz/closer/close.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = iscomcuneo.it
O17 - HKLM\Software\..\Telephony: DomainName = iscomcuneo.it
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = iscomcuneo.it
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Trend Micro Personal Firewall (PccPfw) - Trend Micro Incorporated. - C:\Programmi\Trend Micro\Internet Security\PccPfw.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
O23 - Service: PSecret - Unknown owner - C:\WINDOWS\srvany.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Programmi\Trend Micro\Internet Security\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Programmi\Trend Micro\Internet Security\tmproxy.exe
Any suggestions VERY welcome......