trojan plus elitum.elitebar

Try giving this a run first: EliteToolbar Remover

If that does not help procede to the below steps!

- Download HijackThis 1.99.1

- Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

- Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

- Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

- Run HijackThis and save your log file.

- Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).

 

Is this log from safe boot mode or normal boot mode. Please note that you installed HijackThis into a folder that we specifically requested that you not use. Please fix this.

First a couple comments:
1) You are running without an antivirus application. This is a very very bad idea.
2) You do not have a software firewall installed. The one built-in to WinXP SP2 is not sufficient.

You need to visit the below thread and take all the steps indicated:

How to Protect yourself from malware!

You have conime.exe running on your PC. Read the below. This is why you need an antivirus application and a firewall.

conime.exe is a process which is registered as the BFGhost 1.0 Remote administration backdoor tool. This backdoor application can allow attackers to access your computer, stealing passwords and personal data. It is a registered security risk and should be removed immediately. Please see additional details regarding this process

If you are using WinXP or WinMe, make sure you have system restore disabled (per the tutorial).
For all OS types, make sure viewing of hidden files is enabled (per the tutorial).

Please run HijackThis and click on the "Open the Misc Tools Section" button on the open page. Then select "Open process manager" on the left-hand side. Look for the following process (or processes) and one at a time kill them by selecting it and then click "Kill process". Then click yes.
C:\WINDOWS\system32\conime.exe

After killing all the above processes, click "Back".
Then please click "Scan" and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
O4 - HKLM\..\Run: [etbrun] C:\windows\system32\eliterfk32.exe
After clicking Fix, exit HJT.
Boot into safe mode and use Windows Explorer to delete:
C:\WINDOWS\system32\conime.exe
C:\windows\system32\eliterfk32.exe

If you get an error when deleting a file. Right click on the file and check to see if the read only attribute is checked. If it is, uncheck it and try again. Other wise open Task Manager and kill the process if running then delete the file.

Now run Ccleaner (installed while running the READ ME FIRST).

Now reboot in normal mode and post a new HJT log. And tell us how things are working.

 

You should boot into safe mode and have HJT fix the below entry (but make sure all browsers are closed - you had a browser running when you last posted your HJT log):

O4 - HKLM\..\Run: [etbrun] C:\windows\system32\eliterfk32.exe

After fixing exit HJT.
Run Windows Explorer and delete:
C:\windows\system32\eliterfk32.exe

Also delete the others you mentioned:
elitebsu32.exe, eliteevo32.exe, elitewc32.exe, elitehod32.exe, eliteklc32.exe, elitebw32.exe, elitetfj32.exe, elitevsr32.exe, eliteztu32.exe

Then reboot in normal mode and post a new HJT log. If it comes back again you need to run msconfig and set it for Normal Startup. I need to see all things that may be hiding in your startup.

 

Your clean! Now it's time to run the steps in the below link to help keep you that way:

How to Protect yourself from malware!

 

You're welcome Scott and thanks for recommending us to others!