All you guys with "Only the best", i may have found the culprit

I found that the file respawning the problem after we remove it using hijack was msmsgs.exe file from the folder:

C:\Program Files\Messenger

I renamed

msmsgs.exe --> msmsgsexe.old
msmsgsin.exe --> msmsgsinexe.old

You will want to rename these in safemode.
Once back in normal mode, rerun hijacker and remove the pesky entries.

I hope this helps. I've been struggling at this the past 2 days 24/7

I would really like to thank chaslang for all his patience and help

So hopefully, this culprit is the same for the rest of you and should be able to fix this.

 

Ummm, I think a little more research is needed, they're both valid Windows Messenger files. What you've done by renaming them is to disable WM, which is better accomplished this way:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q302089

Most likely you're working around the problem by denying the hijacker access thru WM, which wouldn't be a valid option for folks that want to use it

 

i don't think its windows messenger, it appears they arre hijacking my older version of MSN Messenger. I have windows messenger disabled.

 

msmsgs.exe

File Version: 4.7.0.2009
Description: Messenger
Built By: Waddington
Company: Microsoft Corporation
Created: Saturday, August 23, 2003
Modified: Monday, April 14, 2003


msmsgsin.exe

File Version: 4.7.0.41
Description: Messenger
Company: Microsoft Corporation
Original File Name: msmsgsin.dll
Created: Tuesday, May 04, 2004
Modified: Thursday, August 29, 2002

Here is a screen shot of the folder

http://www.public.iastate.edu/~ajross/Sc05.JPG