Make sure you still have hidden files set to show , system restore disabled and that you still have ccleaner.
1. Go to Add/Remove programs. Double click on "Messenger Plus!" (or click on Remove)
(see quote below!)
2. The "Messenger Plus! - Setup" is now displayed. Click on the Uninstall button. Note: options displayed on the first screen are not related to the sponsor program.
3. The sponsor screen is now displayed (if you don't see it, search for it in your Task Bar). To prove that someone is currently reading the screen, you have to type the code that is displayed. Once you enter the code, press Uninstall.
4. If you entered the code properly, the program will ask you to confirm that you want to uninstall. You must answer "Yes" to this question, else, you won't have another chance of uninstalling.
5. To complete the uninstallation, follow the instructions that are displayed (the first one is to close all your Internet Explorer windows, that's very important). When everything is complete, restart your computer and, hopefully one nasty infection is gone.
When removing Lop.com from the Add/Remove screen it may not show up as Messenger Plus instead also look for these and remove them:
Window Search
Window Searching
Lop.com
LOP SEARCH
Browser Enhancer
Ultimate Browser Enhancer
L.O P. Un insta11
L O.P. Un instal1
Live 0n line Portal
Live.0nli ne Porta1
Window Active
Finally there is a step in the removal process of Messneger Plus where the sponsor asks if you want to uninstall that aswell, You have to click YES to this part of the removal process
If you dont do this corretly then you will have no other choice but to reinstall Messenger Plus and then go through the whole removal process again from the start.
Then i would uninstall Logitech\Desktop Messenger in add/remove programs.
Then boot in safemode (hit f8 when booting up) and fix these with
hjt:
(if still present)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.mitahahoyasmjkhexiwykimxx...TyGnJ0R3sc.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.unmpmsfymmjjjmglw.com/xWR...Wom6byM4E.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
O2 - BHO: (no name) - {C4A1377C-16BE-3D61-ED4E-FBDBDCF74284} - C:\DOCUME~1\RENEEL~1\APPLIC~1\
ProcLove\poll eggs.exe
O2 - BHO: (no name) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - (no file)
O4 - HKCU\..\Run: [LDM] C:\Program Files\
Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
O4 - HKCU\..\Run: [ball less] C:\DOCUME~1\LISETT~1\APPLIC~1\SETTIN~1\
partextrameal.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\
P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKCU\..\RunServices: [win-xp] winis.exe
O4 - HKCU\..\RunServices: [virtual-machine] wini.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O18 - Protocol: bw+0 - {9E7E2DE0-AC2C-4E58-9BB0-809E84BD2C7E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
Plus all other 018 Logitech\Desktop Messenger entry's.(all 018 , except the last one)
Then delete the files in bold , run ccleaner and then do a manuall search for and delete these:
winis.exe
wini.exe
Then run a new ewido scan and save the log from it.
After that reboot to normal mode and post the ewido log and a new
hjt log.
Also i see you have no no firewall and windows isn't updated , i would recommend to pay winupdate a visit , and have a look in our download section for free firewalls.
PC Help Forum
» Security & Safety
» [Fixed] Hijackthis! Logs
»
[Resolved] Friends log
[Resolved] Friends log
and consider a 
Linear Mode
