Had win32:revop(trj), got rid of it, but still having probs

[macxi]

Okay, Ive done everything. Run scans, run spybot, fixed problems, and also made a log file and got rid of some things that I am pretty sure dont belong there. But there are a few that I am totally unsure about.. and dont know whether they are a problem and/or if its safe to remove it.
can someone help me?

thanx in advance

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\TEMP\MSBB.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE

O4 - HKLM\..\Run: [qfwz] C:\WINDOWS\qfwz.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE

 

[macxi]

or should I post my entire log file?

 

[diogenes10]

When making repairs, you should disable the ME system restore, then reboot and reenable it when finished.

This one is bad, would suggest emptying entire contents of the directory (C:\windows\temp ) if you are not saving anything there.
C:\WINDOWS\TEMP\MSBB.EXE

It would also be good to clean out the temporary internet files folder.

This one gives no hits on search engine, suspect it is a randomly named problem file-if so fix is to have hijackthis fix the line, reboot in safe mode and delete the file.
O4 - HKLM\..\Run: [qfwz] C:\WINDOWS\qfwz.exe

And yes, if you want a cross check on the balance of the log, you should post it.


-------------------------------------
It's 10 O'Clock ( somewhere! ).
Are your registry and data backed up?