New Member
        
Group: Forum Members
Last Login: 6/15/2006 6:26 PM
Posts: 6,
Visits: 13
I have continued problems with popups from Winfixer and other spyware. Computer also runs slow. I completed your recommended steps prior to running "Hijack this". After running "Hijack this", I am unable to save the log to desktop. When I click on "save log", the log just disappears and I can't find it, even by doing a search. I still have the same popup problems after doing the recommended preliminary steps prior to running "Hijack this". I would greatly appreciate any help you could give me. Warren
Chris
Senior Forum Moderator
        
Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 31,427,
Visits: 54,734
Try this, see if it helps at all: Download and run this BAT file HERE. This will restore all file associations to XP default. When you’ve done that, reboot.
_______________________________________________________________

ASAP & UNITE member since 2006

New Member
        
Group: Forum Members
Last Login: 6/15/2006 6:26 PM
Posts: 6,
Visits: 13
Richie, Thanks for your very fast reply. I followed your instructions. I downloaded the BAT file and rebooted but I still can't save the "Hijack This" scan report. Any suggestions? Thank you, Warren
Chris
Senior Forum Moderator
        
Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 31,427,
Visits: 54,734
Please try doing the following:

Please download ATF Cleaner by Atribune: http://www.atribune.org/ccount/click.php?id=1
This program is for XP and Windows 2000 only.
Double-click ATF-Cleaner.exe to run the program.
Under 'Main' choose: 'Select All'.
Click the 'Empty Selected' button.

===============================

Download and scan with the free trial of Sunbelt's Counterspy: http://www.sunbelt-software.com/CounterSpy.cfm
Save the report when it's finished:
1. Once Counterspy has done scanning, the 'Scan Results' box will appear.
2. Click on 'View Results'.
3. Under (Recommended Action), using the drop down menu arrows at the side of each entry found, set EVERYTHING to 'Remove'.
4. Then click on 'Take Action'.
5. Once everything has been removed, click on 'View Details'.
6. Copy and Paste those details into a Word/Text document, then save it to your desktop.

===============================================================

Download Ewido Anti Malware v3.5 from here: http://www.ewido.net/en/download/
1. After download, double click on the file to launch the install process.
2. During installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
3. Launch ewido by double-clicking the "e" icon on your desktop.
4. The program will prompt you to update - click the "OK" button.
5. On the left side of the main screen, click on "Update" and then click "Start Update". The update will start and a progress bar will show the updates being installed.
6. After the updates are installed, you will see "Update Successful" in the lower left corner.

If you are having problems with the updater, manually update from here: http://www.ewido.net/en/download/updates/

Once the updates are installed do the following:
1. Click on "Scanner" and choose "Settings".
2. Under the bottom section "What to Scan?" make sure "Scan every file" is selected.
3. Select "OK" and you will return to scanning options.
4. On the main screen click on "Complete System Scan" to start the scan.
5. While the scan is in progress, you will be prompted to clean the first infected file it finds. Put a check next to "Perform action on all infections" in the lower left corner.
6. Then choose "Remove" and click "OK".
7. When the scan has completed, Ewido will create a report.txt file.
8. Click the "Save Report" button on the bottom of the screen and save the log to your desktop.
9. Exit Ewido when done.

=============================================================

Please run Activescan online virus/spyware scan using Internet Explorer: http://www.pandasoftware.com/products/activescan.htm
Once you are on the Panda site click the Scan your PC button.
A new window will open...click the Check Now button.
Enter your Country.
Enter your State/Province.
Enter your e-mail address and click send.
Select either Home User or Company.
Click the big Scan Now button.
If it wants to install an ActiveX component, allow it to.
It will start downloading the files it requires for the scan (Note: It may take a minute or two).
When download is complete, click on Local Disks to start the scan.
When the scan completes, click the See Report button, then Save Report, and save it to your desktop.

Reboot, post all three above reports.
_______________________________________________________________

ASAP & UNITE member since 2006

New Member
        
Group: Forum Members
Last Login: 6/15/2006 6:26 PM
Posts: 6,
Visits: 13
Richie, I followed your latest instructions. The three logs are shown below. Please note that prior to finding your website, I had already downloaded, scanned with ewido anti-spyware and deleted the infections found. They therefore would not appear on this report. I finally figured out a way to copy and paste the "hijack this" log file on my desktop. If you like, I will send you this file.

Spyware Scan Details
Start Date: 6/11/2006 11:03:38 AM
End Date: 6/11/2006 11:50:19 AM
Total Time: 46 mins 41 secs
Detected spyware
Weatherbug Low Risk Adware more information... Details: Weatherbug is an ad supported desktop weather applicaton that provides updates on weather conditions and displays real time temperatures in the taskbar icon. Status: Deleted
Infected files detected
Infected registry entries detected
My Search Bar Potentially Unwanted Program more information... Details: My Search Bar and the variants "My Way Speedbar" and "My Way Search Assistant", are browser helper objects that allows you to search on multiple search engines. Status: Deleted
Infected files detected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP292\A0036098.DLL
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 7:44:53 PM, 6/12/2006
+ Report-Checksum: EA2F1F8A
+ Scan result:
C:\Documents and Settings\Warren Smith\Cookies\warren smith@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP331\A0058212.dll -> Adware.Virtumonde : Cleaned with backup
::Report End

Incident Status Location
Virus:Eicar.Mod Not disinfected C:\Program Files\PestPatrol\Help.chm[/HowCanITestDetection.html]
Spyware:Cookie/Atwola Not disinfected C:\Program Files\PestPatrol\Quarantine\20060523053207484.zip[Documents and Settings/Warren Smith/Cookies/warren smith@atwola[1].txt]
Chris
Forum Moderator
        
Group: Moderators
Last Login: 8/8/2008 6:28 AM
Posts: 2,821,
Visits: 7,025
Warren, now that you were able to create a log please post it in the Hijack This Forum [not here] for evaluation.
__________________________________________
"THE BAD GUYS DON'T NEED A SEARCH WARRANT. ARE YOU PROTECTED?"


Microsoft MVP - Windows Security 2007-2009