Hijackthis log, please help!

Download CWShredder 2.15 from here.

Download\'SpSeHjfix\' to the desktop and then
right click a blank part of the desktop and select new folder, call it spfix
unzip the file into that folder.

Disconnect from the net and Close ALL OPEN PROGRAMS.
Run 'SpSeHjfix'. and click on "Start Disinfection".
When it's finished it will reboot your machine to finish the cleaning process.
The tool creates a log of the fix which will appear in the folder.

If it doesn't find any of the SE files or any hidden reinstallers it will say system clean and not go on to next stage.

Run the shredder and press the *fix,* not scan and allow it to clean the infection. Close all browser and explorer windows before hitting the fix button.

Reboot and post a fresh HJT log and the log that was created by 'SpSeHjfix'.

Ok, here are both new logs. I opened IE and it seems as if the problem is fixed. The only other question I have is that I have the "se.dll" file on my desktop (because I found it and put it there to try to delete it). What should I do with it? Here are the logs and thank you for all of the help!

Logfile of HijackThis v1.99.1
Scan saved at 1:50:57 PM, on 6/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\LTMSG.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = www.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = www.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = www.msn.com
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,1,1,0.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.03.0000.1005\en-us\msnappau.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [dnscleaner] C:\WINDOWS\dnscleaner.exe
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: Restart.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Broadband Networking.lnk = ?
O4 - Global Startup: MiniMavis.lnk = C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {73F7A062-8829-11D1-B550-006097242D8D} (Voxware MetaSound Audio Decoder) - http://support.ninthhouse.com/updates/installers/voxacm.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

(6/11/05 1:40:33 PM) SPSeHjFix started v1.1.2
(6/11/05 1:40:33 PM) OS: WinXP Service Pack 1 (5.1.2600)
(6/11/05 1:40:33 PM) Language: english
(6/11/05 1:40:33 PM) Win-Path: C:\WINDOWS
(6/11/05 1:40:33 PM) System-Path: C:\WINDOWS\System32
(6/11/05 1:40:33 PM) Temp-Path: C:\DOCUME~1\Owner\LOCALS~1\Temp\
(6/11/05 1:40:40 PM) Disinfection started
(6/11/05 1:40:40 PM) Bad-Dll(IEP): c:\docume~1\owner\locals~1\temp\se.dll
(6/11/05 1:40:40 PM) Searchassistant Uninstaller found: regsvr32 /s /u C:\WINDOWS\System32\ajdj.dll
(6/11/05 1:40:40 PM) Searchassistant Uninstaller - Keys Deleted
(6/11/05 1:40:40 PM) UBF: 10 - UBB: 4 - UBR: 21
(6/11/05 1:40:40 PM) FilterKey: HKCR\text/html (deleted)
(6/11/05 1:40:40 PM) FilterKey: HKCR\CLSID\{01C4264E-667E-4B6B-91F5-ABC54B5FFACB} (deleted)
(6/11/05 1:40:40 PM) FilterKey: HKLM\SOFTWARE\Classes\text/html (error while deleting)
(6/11/05 1:40:40 PM) FilterKey: HKCR\text/plain (deleted)
(6/11/05 1:40:40 PM) FilterKey: HKCR\CLSID\{01C4264E-667E-4B6B-91F5-ABC54B5FFACB} (error while deleting)
(6/11/05 1:40:40 PM) FilterKey: HKLM\SOFTWARE\Classes\text/plain (error while deleting)
(6/11/05 1:40:40 PM) BHO-Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5266BFBB-6E4A-4C31-A370-C21DE9294AFF} (deleted)
(6/11/05 1:40:40 PM) BHO-Key: HKCR\CLSID\{5266BFBB-6E4A-4C31-A370-C21DE9294AFF} (deleted)
(6/11/05 1:40:40 PM) Run-Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\sp=rundll32 C:\DOCUME~1\Owner\LOCALS~1\Temp\se.dll,DllInstall (deleted)
(6/11/05 1:40:40 PM) UBF: 8 - UBB: 3 - UBR: 20
(6/11/05 1:40:40 PM) Bad IE-pages:
deleted: HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar: res://c:\docume~1\owner\locals~1\temp\se.dll/spage.html
deleted: HKCU\Software\Microsoft\Internet Explorer\Main, Search Page: about:blank
deleted: HKCU\Software\Microsoft\Internet Explorer\Main, Start Page: about:blank
deleted: HKCU\Software\Microsoft\Internet Explorer\Main, HomeOldSP: about:blank
deleted: HKCU\Software\Microsoft\Internet Explorer\Search, SearchAssistant: about:blank
deleted: HKLM\Software\Microsoft\Internet Explorer\Main, Search Bar: res://c:\docume~1\owner\locals~1\temp\se.dll/spage.html
deleted: HKLM\Software\Microsoft\Internet Explorer\Main, Search Page: about:blank
deleted: HKLM\Software\Microsoft\Internet Explorer\Main, Start Page: about:blank
deleted: HKLM\Software\Microsoft\Internet Explorer\Main, HomeOldSP: about:blank
deleted: HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant: about:blank
(6/11/05 1:40:40 PM) Stealth-String not found
(6/11/05 1:40:40 PM) File added to delete: c:\windows\system32\ajdj.dll
(6/11/05 1:40:40 PM) File added to delete: c:\docume~1\owner\locals~1\temp\se.dll
(6/11/05 1:40:40 PM) Reboot

(6/11/05 1:42:12 PM) SPSeHjFix started v1.1.2
(6/11/05 1:42:12 PM) OS: WinXP Service Pack 1 (5.1.2600)
(6/11/05 1:42:12 PM) Language: english
(6/11/05 1:42:12 PM) Win-Path: C:\WINDOWS
(6/11/05 1:42:12 PM) System-Path: C:\WINDOWS\System32
(6/11/05 1:42:12 PM) Temp-Path: C:\DOCUME~1\Owner\LOCALS~1\Temp\
(6/11/05 1:43:04 PM) Disinfection started
(6/11/05 1:43:04 PM) Bad-Dll(IEP): c:\docume~1\owner\locals~1\temp\se.dll
(6/11/05 1:43:04 PM) Searchassistant Uninstaller found: regsvr32 /s /u C:\WINDOWS\System32\ajdj.dll
(6/11/05 1:43:04 PM) Searchassistant Uninstaller - Keys Deleted
(6/11/05 1:43:04 PM) UBF: 10 - UBB: 4 - UBR: 21
(6/11/05 1:43:04 PM) FilterKey: HKCR\text/html (deleted)
(6/11/05 1:43:04 PM) FilterKey: HKCR\CLSID\{0C29D587-601D-43C7-BB73-901F9D291C36} (deleted)
(6/11/05 1:43:04 PM) FilterKey: HKLM\SOFTWARE\Classes\text/html (error while deleting)
(6/11/05 1:43:04 PM) FilterKey: HKCR\text/plain (deleted)
(6/11/05 1:43:04 PM) FilterKey: HKCR\CLSID\{0C29D587-601D-43C7-BB73-901F9D291C36} (error while deleting)
(6/11/05 1:43:04 PM) FilterKey: HKLM\SOFTWARE\Classes\text/plain (error while deleting)
(6/11/05 1:43:04 PM) BHO-Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2782290A-F2C7-4439-B789-83D36F703B69} (deleted)
(6/11/05 1:43:04 PM) BHO-Key: HKCR\CLSID\{2782290A-F2C7-4439-B789-83D36F703B69} (deleted)
(6/11/05 1:43:04 PM) Run-Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\sp=rundll32 C:\DOCUME~1\Owner\LOCALS~1\Temp\se.dll,DllInstall (deleted)
(6/11/05 1:43:04 PM) UBF: 8 - UBB: 3 - UBR: 20
(6/11/05 1:43:04 PM) Bad IE-pages:
deleted: HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar: res://c:\docume~1\owner\locals~1\temp\se.dll/spage.html
deleted: HKCU\Software\Microsoft\Internet Explorer\Main, Search Page: about:blank
deleted: HKCU\Software\Microsoft\Internet Explorer\Main, Start Page: about:blank
deleted: HKCU\Software\Microsoft\Internet Explorer\Main, HomeOldSP: about:blank
deleted: HKCU\Software\Microsoft\Internet Explorer\Search, SearchAssistant: about:blank
deleted: HKLM\Software\Microsoft\Internet Explorer\Main, Search Bar: res://c:\docume~1\owner\locals~1\temp\se.dll/spage.html
deleted: HKLM\Software\Microsoft\Internet Explorer\Main, Search Page: about:blank
deleted: HKLM\Software\Microsoft\Internet Explorer\Main, Start Page: about:blank
deleted: HKLM\Software\Microsoft\Internet Explorer\Main, HomeOldSP: about:blank
deleted: HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant: about:blank
(6/11/05 1:43:04 PM) Stealth-String not found
(6/11/05 1:43:04 PM) File added to delete: c:\windows\system32\ajdj.dll
(6/11/05 1:43:04 PM) File added to delete: c:\docume~1\owner\locals~1\temp\se.dll
(6/11/05 1:43:04 PM) Reboot

(6/11/05 1:44:16 PM) SPSeHjFix started v1.1.2
(6/11/05 1:44:16 PM) OS: WinXP Service Pack 1 (5.1.2600)
(6/11/05 1:44:16 PM) Language: english
(6/11/05 1:44:16 PM) Win-Path: C:\WINDOWS
(6/11/05 1:44:16 PM) System-Path: C:\WINDOWS\System32
(6/11/05 1:44:16 PM) Temp-Path: C:\DOCUME~1\Owner\LOCALS~1\Temp\

Delete the se.dll file. Also, how did you manage to get hijackthis out of the permanent folder into a temp one? :D.
All looks good anyway.

I don't know how I did it, lol. It just came that way I guess...

Thank you for all your help!!!

You are welcome :).