Logfile of HijackThis v1.99.1
Scan saved at 10:18:06 AM, on 8/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\QuickTime\qttask.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\VideoraiPodConverter\VideoraiPodConverter.exe
D:\Program Files\NoAds\NoAds.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\COMMON~1\MBOLS~1\userinit.exe
D:\Program Files\Webroot\Washer\Webroot\Washer\wwDisp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sony\USBSircs\usbsircs.exe
C:\ScanPanel\ScnPanel.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\??crosoft\m?dtc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\Julio Franco\Local Settings\Temporary Internet Files\Content.IE5\S641B8T3\aswclnr[1].exe
C:\Documents and Settings\Julio Franco\Local Settings\Temporary Internet Files\Content.IE5\S641B8T3\aswclnr[1].tmp
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Julio Franco\Local Settings\Temporary Internet Files\Content.IE5AQNDW61\HijackThis[1].exe

R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/yessentials/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer presented by Comcast
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = cdn
R3 – URLSearchHook: IncrediFindBHO Class – {5D60FF48-95BE-4956-B4C6-6BB168A70310} – C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
R3 – URLSearchHook: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
F3 – REG:win.ini: load=
O2 – BHO: Yahoo! Toolbar Helper – {02478D38-C3F9-4EFB-9B51-7695ECA05670} – C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 – BHO: Yahoo! IE Services Button – {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} – C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 – BHO: IncrediFindBHO Class – {5D60FF48-95BE-4956-B4C6-6BB168A70310} – C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O2 – BHO: SSVHelper Class – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 – BHO: (no name) – {7E853D72-626A-48EC-A868-BA8D5E23E045} – (no file)
O2 – BHO: IEHooks Class – {947E6D5A-4B9F-4CF4-91B3-562CA8D03313} – C:\Program Files\ClearSearch\IE_ClrSch.DLL (file missing)
O2 – BHO: Google Toolbar Helper – {AA58ED58-01DD-4d91-8333-CF10577473F7} – c:\program files\google\googletoolbar2.dll (file missing)
O2 – BHO: (no name) – {B4757738-B5DD-C82F-89DD-E1ABD87750B1} – C:\WINDOWS\system32\nnetbido.dll
O2 – BHO: (no name) – {F195A1A9-4033-4E5B-B85C-848C3E31A83A} – c:\syslibie.dll (file missing)
O2 – BHO: (no name) – {FD3A6AB4-5527-4B52-90AF-F90CD3270861} – C:\WINDOWS\system32\inetconnect.dll (file missing)
O3 – Toolbar: (no name) – {FE6BC4EF-5676-484B-88AE-883323913256} – (no file)
O3 – Toolbar: PowerSearch – {4E7BD74F-2B8D-469E-D3FA-F27BA787AD2D} – C:\PROGRA~1\POWERS~1\Toolbar\pwrswmda.dll (file missing)
O3 – Toolbar: (no name) – {2318C2B1-4965-11d4-9B18-009027A5CD4F} – (no file)
O3 – Toolbar: McAfee VirusScan – {BA52B914-B692-46c4-B683-905236F6F655} – c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 – HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 – HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 – HKLM\..\Run: [MSUpdate] c:\CriticalUpdate.exe
O4 – HKLM\..\Run: [RegistryMonitor] c:\registry.pif
O4 – HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 – HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 – HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 – HKLM\..\Run: [UpdateStats] C:\Program Files\Media\Media\UpdateStats.exe
O4 – HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 – HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 – HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 – HKLM\..\Run: [4X@95ME57C5BM8] C:\WINDOWS\System32\SzfpW5ln.exe
O4 – HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 – HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 – HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 – HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 – HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 – HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 – HKLM\..\Run: [VideoraiPodConverter] D:\Program Files\VideoraiPodConverter\VideoraiPodConverter.exe -t
O4 – HKLM\..\Run: [Srv32Win] D:\Documents and Settings\Julio Franco\My Documents\Spytech Software\Spytech SpyAgent\SpyAgent4.exe
O4 – HKLM\..\Run: [runner1] C:\WINDOWS\retadpu11.exe 61A847B5BBF72813338B2B27128065E9C084320161C4661227A755E9C2933154389A284662E901F3D293314D6ECF32257895769ABCF75D7551F77A0336A845A38782230C67D36D
O4 – HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\SystemDoctor\dcpasmon.exe"
O4 – HKLM\..\Run: [SpyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe -scan
O4 – HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 – HKCU\..\Run: [NoAds] "D:\Program Files\NoAds\NoAds.exe"
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 – HKCU\..\Run: [Iinl] "C:\PROGRA~1\COMMON~1\MBOLS~1\userinit.exe" -vt yazb
O4 – HKCU\..\Run: [Gtxtp] C:\WINDOWS\system32\??crosoft\m?dtc.exe
O4 – HKCU\..\Run: [Window Washer] D:\Program Files\Webroot\Washer\Webroot\Washer\wwDisp.exe
O4 – Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 – Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 – Global Startup: Remocon Driver.lnk = ?
O4 – Global Startup: ScanPanel.lnk = C:\ScanPanel\ScnPanel.exe
O8 – Extra context menu item: &Google Search – res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 – Extra context menu item: &Search – http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm565YYUS
O8 – Extra context menu item: &Translate English Word – res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 – Extra context menu item: &Yahoo! Search – file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 – Extra context menu item: Backward Links – res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 – Extra context menu item: E&xport to Microsoft Excel – res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 – Extra context menu item: Image Converter 2 ??? – D:\Documents and Settings\Julio Franco\My Documents\New Folder\New Software\ImageConverter2installed\menu.htm
O8 – Extra context menu item: Similar Pages – res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 – Extra context menu item: Translate Page into English – res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 – Extra context menu item: Yahoo! &Dictionary – file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 – Extra context menu item: Yahoo! &Maps – file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 – Extra context menu item: Yahoo! &SMS – file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 – Extra button: Yahoo! Services – {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} – C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 – Extra button: ComcastHSI – {669B269B-0D4E-41FB-A3D8-FD67CA94F646} – http://www.comcast.net/ (file missing)
O9 – Extra button: Support – {8828075D-D097-4055-AA02-2DBFA9D85E8A} – http://www.comcastsupport.com/ (file missing)
O9 – Extra button: Help – {97809617-3937-4F84-B335-9BB05EF1A8D4} – http://online.comcast.net/help/ (file missing)
O9 – Extra button: Run IMVU – {d9288080-1baa-4bc4-9cf8-a92d743db949} – C:\Documents and Settings\Julio Franco\Start Menu\Programs\avatar\Run IMVU.lnk
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 – Options group: [INTERNATIONAL] International*
O14 – IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 – Trusted Zone: *.stumbleupon.com
O16 – DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) – http://support.f-secure.com/ols/fscax.cab
O16 – DPF: {13197ACE-6851-45C3-A7FF-C281324D5489} – http://www.2nd-thought.com/files/install013.exe
O16 – DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=39204
O16 – DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} – http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/CursorManiaFWBInitialSetup1.0.0.15.cab
O16 – DPF: {1F1FCE08-9279-4F21-8929-9291CEA05168} – http://www.emarketfocus.com/trialware/Mortgage_Quest_Setup.cab
O16 – DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) – C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 – DPF: {66E79B75-F711-4A88-9C6D-10BCA64F3306} (DriveCamPlayer Class) – http://www.drivecam.com/videos/DriveCamEvent.dll
O16 – DPF: {A7798D6C-C6B5-4F26-9363-F7CDBBFFA607} (download Class) – http://www.gamedaily.com/ActiveX/vxpspeeddelivery.dll
O18 – Protocol: livecall – {828030A1-22C1-4009-854F-8E305202313F} – C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 – Protocol: msnim – {828030A1-22C1-4009-854F-8E305202313F} – C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 – Winlogon Notify: igfxcui – C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 – Winlogon Notify: WgaLogon – C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 – Service: Adobe LM Service – Adobe Systems – C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 – Service: Boonty Games – BOONTY – C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 – Service: Crypkey License – Unknown owner – crypserv.exe (file missing)
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver50\Intel 32\IDriverT.exe
O23 – Service: iPod Service – Apple Computer, Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: McAfee WSC Integration (McDetect.exe) – McAfee, Inc – c:\program files\mcafee.com\agent\mcdetect.exe
O23 – Service: McAfee Task Scheduler (McTskshd.exe) – McAfee, Inc – c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 – Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) – McAfee, Inc – C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 – Service: Distributed Transaction Coordinator (MSDTC) – Unknown owner – C:\WINDOWS\System32\msdtc.exe (file missing)
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe
O23 – Service: Sony SPTI Service (SPTISRV) – Sony Corporation – C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 – Service: Symantec Core LC – Unknown owner – C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
O23 – Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) – Unknown owner – C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O23 – Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) – Unknown owner – C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 – Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) – Sony Corporation – C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 – Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) – Sony Corporation – C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
O23 – Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) – Unknown owner – C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 – Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) – Sony Corporation – C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 – Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) – Unknown owner – C:\Program Files\Sony\Giga Pocket\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 – Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) – Unknown owner – C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 – Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) – Sony Corporation – C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe

can anyone tell me what?

i can safely delete from this hijackthis log.i tried a few forums but they seem to be unavailable.my computer has had tons of spyware and viruses(since the kids snuck on).

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 7:36:44 PM, on 3/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\mgmrwmrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
C:\WINDOWS\system32\regsvr32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP9731\Program\Updates from HP.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Documents and Settings\HP_Owner\Desktop\HiJackThis_v2.exe

R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 – URLSearchHook: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
F2 – REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\mgmrwmrv.exe,
O1 – Hosts: 202.67.220.239 win.mail.ru
O2 – BHO: (no name) – {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} – (no file)
O2 – BHO: (no name) – {00000012-890e-4aac-afd9-eff6954a34dd} – (no file)
O2 – BHO: &Yahoo! Toolbar Helper – {02478D38-C3F9-4efb-9B51-7695ECA05670} – C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 – BHO: (no name) – {029e02f0-a0e5-4b19-b958-7bf2db29fb13} – (no file)
O2 – BHO: AcroIEHlprObj Class – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 – BHO: (no name) – {06dfedaa-6196-11d5-bfc8-00508b4a487d} – (no file)
O2 – BHO: (no name) – {12F02779-6D88-4958-8AD3-83C12D86ADC7} – (no file)
O2 – BHO: (no name) – {1adbcce8-cf84-441e-9b38-afc7a19c06a4} – (no file)
O2 – BHO: (no name) – {2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71} – (no file)
O2 – BHO: RealPlayer Download and Record Plugin for Internet Explorer – {3049C3E9-B461-4BC5-8870-4C09146192CA} – C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 – BHO: (no name) – {4c8c03f4-1dd2-11b2-a384-b58436937e0f} – C:\WINDOWS\pcvgfidw.dll
O2 – BHO: (no name) – {51641ef3-8a7a-4d84-8659-b0911e947cc8} – (no file)
O2 – BHO: (no name) – {53C330D6-A4AB-419B-B45D-FD4411C1FEF4} – (no file)
O2 – BHO: (no name) – {54645654-2225-4455-44A1-9F4543D34546} – (no file)
O2 – BHO: (no name) – {669695bc-a811-4a9d-8cdf-ba8c795f261e} – (no file)
O2 – BHO: (no name) – {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} – (no file)
O2 – BHO: SSVHelper Class – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 – BHO: (no name) – {79D0393B-5F37-45A1-962A-32E4D4FEC707} – C:\WINDOWS\system32\borlndm.dll
O2 – BHO: (no name) – {8746E46A-7415-4223-A709-BEDA260B7DED} – C:\WINDOWS\system32\vtstq.dll
O2 – BHO: (no name) – {944864a5-3916-46e2-96a9-a2e84f3f1208} – (no file)
O2 – BHO: (no name) – {a4a435cf-3583-11d4-91bd-0048546a1450} – (no file)
O2 – BHO: (no name) – {ACF92699-B3B6-4126-AE02-FAAA922FF90E} – C:\Program Files\Windows Media Player\safepC:\DOCUME~1\HP_Owner\LOCALS~1\Temp\CEMG555077.exe.dll (file missing)
O2 – BHO: (no name) – {B07BE832-8D3F-4B9C-8EEA-3E8AD646BCC7} – (no file)
O2 – BHO: (no name) – {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} – (no file)
O2 – BHO: (no name) – {bb936323-19fa-4521-ba29-eca6a121bc78} – (no file)
O2 – BHO: (no name) – {c2680e10-1655-4a0e-87f8-4259325a84b7} – (no file)
O2 – BHO: (no name) – {c4ca6559-2cf1-48b6-96b2-8340a06fd129} – (no file)
O2 – BHO: (no name) – {c5af2622-8c75-4dfb-9693-23ab7686a456} – (no file)
O2 – BHO: (no name) – {C7EB2A3D-AD12-4A63-A65E-692C6C518C00} – C:\WINDOWS\repair\gvauala.dll (file missing)
O2 – BHO: (no name) – {ca1d1b05-9c66-11d5-a009-000103c1e50b} – (no file)
O2 – BHO: (no name) – {d8efadf1-9009-11d6-8c73-608c5dc19089} – (no file)
O2 – BHO: (no name) – {E08DE81E-7E47-4777-84C5-C45DA13BCF91} – C:\WINDOWS\system32\qommlij.dll
O2 – BHO: (no name) – {e9147a0a-a866-4214-b47c-da821891240f} – (no file)
O2 – BHO: (no name) – {e9306072-417e-43e3-81d5-369490beef7c} – (no file)
O3 – Toolbar: HP view – {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} – c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 – HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 – HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 – HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 – HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 – HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 – HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 – HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 – HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 – HKLM\..\Run: [VTTimer] VTTimer.exe
O4 – HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 – HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 – HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 – HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 – HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 – HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\printray.exe
O4 – HKLM\..\Run: [Lexmark X73 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 – HKLM\..\Run: [Lexmark X73 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 – HKLM\..\Run: [ubermdkj] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\ubermdkj.dll"
O4 – HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – Startup: .protected
O4 – Global Startup: .protected
O4 – Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 – Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP9731\Program\Updates from HP.exe
O8 – Extra context menu item: &Search – http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZC
O8 – Extra context menu item: &Yahoo! Search – file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 – Extra context menu item: Yahoo! &Dictionary – file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 – Extra context menu item: Yahoo! &Maps – file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\WINDOWS\system32\msjava.dll
O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\WINDOWS\system32\msjava.dll
O9 – Extra button: Messenger – {4528BBE0-4E08-11D5-AD55-00010333D0AD} – C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 – Extra ‘Tools’ menuitem: Yahoo! Messenger – {4528BBE0-4E08-11D5-AD55-00010333D0AD} – C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O12 – Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 – Trusted Zone: http://locator1.cdn.imagesrvr.com
O15 – Trusted IP range: http://202.67.220.225
O15 – Trusted IP range: http://59.148.220.121
O15 – Trusted IP range: http://62.4.84.53
O15 – Trusted IP range: http://82.98.235.58
O15 – Trusted IP range: http://85.12.25.90
O16 – DPF: {1B30282C-970F-4DCC-97D1-1714277525C1} – http://profile.homescanonline.com/hso/binary/NetMeter_preinstaller_activex_en_4.70.28.0_HOMESCAN.cab
O16 – DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} –
O16 – DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) – http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
O16 – DPF: {41D1977F-4161-4720-800F-EA4903983A38} (Jigsaw Genius Control) – http://www.worldwinner.com/games/v42/jigsaw/jigsaw.cab
O16 – DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) – http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 – DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) – http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 – DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games – Installer) – http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 – DPF: {B8E71371-F7F7-11D2-A2CE-0060B0FB9D0D} (CDToolCtrl Class) – http://free.aol.com/tryaolfree/cdt175/aolcdt175.cab
O16 – DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} (AstoundLauncher Control) – http://zone.msn.com/bingame/jobo/default/AstoundLauncher.cab#version=1,0,0,10
O16 – DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) – http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 – DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) – http://zone.msn.com/bingame/popcaploader_v10.cab
O16 – DPF: {FC4CAF5F-91BD-4DD9-ADC1-F3C737E37BC4} (CPlayFirstSweetopiaControl Object) – http://zone.msn.com/bingame/swet/default/Sweetopia.1.0.0.46.cab
O20 – Winlogon Notify: qommlij – C:\WINDOWS\SYSTEM32\qommlij.dll
O22 – SharedTaskScheduler: Browseui preloader – {438755C2-A8BA-11D1-B96B-00A0C90312E1} – C:\WINDOWS\system32\browseui.dll
O22 – SharedTaskScheduler: Component Categories cache daemon – {8C7461EF-2B13-11d2-BE35-3078302C2030} – C:\WINDOWS\system32\browseui.dll
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – ALWIL Software – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 – Service: avast! Web Scanner – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver\Intel 32\IDriverT.exe
O23 – Service: iPod Service (iPodService) – Apple Computer, Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: Pml Driver HPZ12 – HP – C:\WINDOWS\system32\HPZipm12.exe


End of file – 13132 bytes

RegCureLogfile of HijackThis v1.99.1
Scan saved at 16:50:32, on 2007-3-4
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\internat.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Rogers\SelfHealing\rogersagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINNT\system32\mshta.exe
C:\iE6\HijackThis.exe

R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 – HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm
R3 – URLSearchHook: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn8\yt.dll
O2 – BHO: Yahoo! Toolbar Helper – {02478D38-C3F9-4EFB-9B51-7695ECA05670} – C:\Program Files\Yahoo!\Companion\Installs\cpn8\yt.dll
O2 – BHO: Share Accelerator MM Toolbar – {4596013b-6c31-408b-a266-deae5c086dc2} – C:\Program Files\Share_Accelerator_MM\tbShar.dll
O2 – BHO: (no name) – {53707962-6F74-2D53-2644-206D7942484F} – C:\Program Files\Spybot – Search & Destroy\SDHelper.dll
O2 – BHO: Yahoo! IE Services Button – {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} – C:\Program Files\Yahoo!\common\yiesrvc.dll
O3 – Toolbar: Share Accelerator MM Toolbar – {4596013b-6c31-408b-a266-deae5c086dc2} – C:\Program Files\Share_Accelerator_MM\tbShar.dll
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn8\yt.dll
O4 – HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 – HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 – HKCU\..\Run: [internat.exe] internat.exe
O4 – HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 – HKCU\..\Run: [VoipDiscount] "C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" -nosplash -minimized
O4 – HKCU\..\Run: [FreeCall] "C:\program files\freecall.com\freecall\freecall.exe" -nosplash -minimized
O4 – HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 – HKCU\..\Run: [SHS] "C:\Program Files\Rogers\SelfHealing\SHS.exe" /background
O4 – HKCU\..\Run: [RogersAgent] c:\Program Files\Rogers\SelfHealing\rogersagent.exe
O4 – HKCU\..\Run: [Windows Registry Repair Pro] C:\Program FilesB Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 – HKCU\..\Run: [Bleh Idle] C:\DOCUME~1\ADMINI~1\APPLIC~1\INTRAG~1\eqflawstupid.exe
O4 – HKCU\..\RunOnce: [ypagerps6] cmd.exe /C del "C:\Program Files\Yahoo!\Messenger\ypagerps6.DLL"
O8 – Extra context menu item: &Yahoo! Search – file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 – Extra context menu item: Yahoo! &Dictionary – file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 – Extra context menu item: Yahoo! &Maps – file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 – Extra context menu item: Yahoo! &SMS – file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 – Extra button: Yahoo! Services – {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} – C:\Program Files\Yahoo!\common\yiesrvc.dll
O10 – Unknown file in Winsock LSP: c:\winnt\system32\toonjoke.dll
O10 – Unknown file in Winsock LSP: c:\winnt\system32\toonjoke.dll
O16 – DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) – C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 – Service: AVG7 Alert Manager Server (Avg7Alrt) – GRISOFT, s.r.o. – C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 – Service: AVG7 Update Service (Avg7UpdSvc) – GRISOFT, s.r.o. – C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 – Service: Symantec Event Manager (ccEvtMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 – Service: Symantec Password Validation Service (ccPwdSvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 – Service: Logical Disk Manager Administrative Service (dmadmin) – VERITAS Software Corp. – C:\WINNT\System32\dmadmin.exe
O23 – Service: Google Updater Service (gusvc) – Google – C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 – Service: InCD Helper (InCDsrv) – Ahead Software AG – C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 – Service: InCD Helper (read only) (InCDsrvR) – Ahead Software AG – C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 – Service: Norton AntiVirus Auto Protect Service (navapsvc) – Symantec Corporation – C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 – Service: Network Tran mngr (Network Tran) – Unknown owner – c:\winnt\system32\flashtem.exe
O23 – Service: Norton Unerase Protection (NProtectService) – Symantec Corporation – C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 – Service: ScriptBlocking Service (SBService) – Symantec Corporation – C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 – Service: Symantec Network Drivers Service (SNDSrvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 – Service: SymWMI Service (SymWSC) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 – Service: TPK host (TPK) – Unknown owner – C:\WINNT\system32\TaskPK.exe (file missing)

get rid of errorsafe?

Logfile of HijackThis v1.99.1
Scan saved at 4:31:48 PM, on 11/22/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MSMPSVC.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MpEng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 – HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 – URLSearchHook: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll
O3 – Toolbar: &Save Flash – {4064EA35-578D-4073-A834-C96D82CBCF40} – C:\Program Files\Save Flash\SaveFlash.dll
O4 – HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 – HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 – HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 – HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 – HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 – HKLM\..\Run: [YCentral] C:\Program Files\Yahoo!\YCentral\YahooCentral.exe
O4 – HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 – HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 – HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 – HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 – HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 – Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 – Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 – Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 – Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 – Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 – Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 – Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 – Extra context menu item: &Yahoo! Search – file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 – Extra context menu item: Yahoo! &Dictionary – file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 – Extra context menu item: Yahoo! &Maps – file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 – Extra context menu item: Yahoo! &SMS – file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 – Extra button: Web Anti-Virus – {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} – C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 – Extra button: Yahoo! Services – {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} – C:\WINDOWS\System32\shdocvw.dll
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 – Extra button: AIM – {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} – C:\PROGRA~1\AIM\aim.exe
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O11 – Options group: [INTERNATIONAL] International*
O12 – Plugin for .xfd: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 – DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) – https://www.windowsonecare.com/install/cli/1.1.1067.8/WinSSWebAgent.CAB
O16 – DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) – http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
O16 – DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) – http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162344926796
O16 – DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) – https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 – DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) – http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 – DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) – http://h30155.www3.hp.com/ediags/hpfix/aio/en/check/qdiagh.cab?326
O16 – DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) – http://chat.msn.com/bin/msnchat45.cab
O23 – Service: Adobe LM Service – Adobe Systems – C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: Kaspersky Anti-Virus 6.0 (AVP) – Unknown owner – C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver50\Intel 32\IDriverT.exe
O23 – Service: InCD File System Service (InCDsrv) – Ahead Software – (no file)
O23 – Service: iPod Service – Apple Computer, Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: Macromedia Licensing Service – Unknown owner – C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 – Service: MSMPSVC – Unknown owner – C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MSMPSVC.exe" -n 4 (file missing)
O23 – Service: NkPtpEnumP2 – Unknown owner – C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe" -a -d="C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpip.dll (file missing)

Logfile of HijackThis v1.99.1
Scan saved at 4:20:57 PM, on 10/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bell\Security Manager\fws.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe
C:\Program Files\Bell\Security Manager\Rps.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\WINDOWS\system\lsass.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Chatango\Chatango.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 – HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R3 – URLSearchHook: SweetIM For Internet Explorer – {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} – C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
R3 – URLSearchHook: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 – BHO: &Yahoo! Toolbar Helper – {02478D38-C3F9-4efb-9B51-7695ECA05670} – C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 – BHO: AcroIEHlprObj Class – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: SWEETIE – {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} – C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 – BHO: Pop-Up Blocker BHO – {3C060EA2-E6A9-4E49-A530-D4657B8C449A} – C:\Program Files\Bell\Security Manager\pkR.dll
O2 – BHO: (no name) – {491AF6C5-21F2-46E1-C653-3DF529127D7B} – C:\WINDOWS\wcidBHO.dll
O2 – BHO: Megaupload Toolbar – {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} – C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 – BHO: Form Filler BHO – {56071E0D-C61B-11D3-B41C-00E02927A304} – C:\Program Files\Bell\Security Manager\FBHR.dll
O2 – BHO: DriveLetterAccess – {5CA3D70E-1895-11CF-8E15-001234567890} – C:\WINDOWS\system32\dla\tfswshx.dll
O2 – BHO: (no name) – {7E853D72-626A-48EC-A868-BA8D5E23E045} – (no file)
O2 – BHO: (no name) – {85CF4327-68DE-1974-B32E-766E84A9706C} – C:\WINDOWS\wcidBHO.dll
O2 – BHO: (no name) – {8E13DDE1-E013-47ec-9C4C-27C2F78BDD26} – C:\WINDOWS\system32\req.dll (file missing)
O2 – BHO: Windows Live Sign-in Helper – {9030D464-4C02-4ABF-8ECC-5164760863C6} – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58-01DD-4d91-8333-CF10577473F7} – c:\program files\google\googletoolbar1.dll
O2 – BHO: Google Toolbar Notifier BHO – {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} – C:\Program Files\Google\GoogleToolbarNotifier.0.301.7164\swg.dll
O2 – BHO: Windows Live Toolbar Helper – {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} – C:\Program Files\Windows Live Toolbar\msntb.dll
O2 – BHO: MegaIEMn – {bf00e119-21a3-4fd1-b178-3b8537e75c92} – C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O3 – Toolbar: Megaupload Toolbar – {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} – C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O3 – Toolbar: Windows Live Toolbar – {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} – C:\Program Files\Windows Live Toolbar\msntb.dll
O3 – Toolbar: SweetIM For Internet Explorer – {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} – C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 – Toolbar: &Google – {2318C2B1-4965-11d4-9B18-009027A5CD4F} – c:\program files\google\googletoolbar1.dll
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 – HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 – HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 – HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 – HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 – HKLM\..\Run: [SSA.exe] "C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe"
O4 – HKLM\..\Run: [Security Manager] "C:\Program Files\Bell\Security Manager\Rps.exe"
O4 – HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 – HKLM\..\Run: [msgadjust] C:\Documents and Settings\DANILO\Desktop\msgadjust2[1]\Final\msgadjust.exe
O4 – HKLM\..\Run: [msgairlive] C:\Program Files\MessengerAirLive\msgairlive.exe
O4 – HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 – HKLM\..\Run: [Windows Lsass Services] C:\WINDOWS\system\lsass.exe
O4 – HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 – HKLM\..\Run: [Love default global mess] C:\Documents and Settings\All Users\Application Data\great coal love default\Trust That.exe
O4 – HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 – HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 – HKCU\..\Run: [Chatango] C:\Program Files\Chatango\Chatango.exe
O4 – HKCU\..\Run: [bows clock] C:\DOCUME~1\DANILO\APPLIC~1\GREYTI~1\hole itch.exe
O4 – Startup: Cyber-shot Viewer Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 – Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O8 – Extra context menu item: &Search – http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 – Extra context menu item: &Windows Live Search – res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 – Extra context menu item: Add to Windows &Live Favorites – http://favorites.live.com/quickadd.aspx
O8 – Extra context menu item: Open in new background tab – res://C:\Program Files\Windows Live Toolbar\Components\en-ca\msntabres.dll.mui/229?129c670b55994cf9aa2d977583bafe70
O8 – Extra context menu item: Open in new foreground tab – res://C:\Program Files\Windows Live Toolbar\Components\en-ca\msntabres.dll.mui/230?129c670b55994cf9aa2d977583bafe70
O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\WINDOWS\system32\msjava.dll
O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\WINDOWS\system32\msjava.dll
O9 – Extra button: Norton Confidence Online – {144FDEB7-A23D-4D39-A00E-AA44195535B6} – C:\WINDOWS\wcidButton.exe
O9 – Extra button: Real.com – {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} – C:\WINDOWS\system32\Shdocvw.dll
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe (file missing)
O10 – Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 – DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=39204
O16 – DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) – http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 – DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) – http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 – DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) – http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 – DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} – http://download.divx.com/player/DivXBrowserPlugin.cab
O16 – DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) – http://www.gamesmania.com/ExentCtl.ocx
O16 – DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games – Installer) – http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 – DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) – http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 – DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) – http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 – DPF: {CCC46940-DED0-476C-A27E-115B10DAE0B4} – http://td.nortonconfidenceonline.com/plug-in/WSAS.cab
O16 – DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) – http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 – DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) – http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{03F15FA0-8A3F-48F1-8D7A-EF1547FC750A}: NameServer = 206.47.244.87 206.47.244.136
O17 – HKLM\System\CS1\Services\Tcpip\..\{03F15FA0-8A3F-48F1-8D7A-EF1547FC750A}: NameServer = 206.47.244.87 206.47.244.136
O18 – Protocol: livecall – {828030A1-22C1-4009-854F-8E305202313F} – C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 – Protocol: msnim – {828030A1-22C1-4009-854F-8E305202313F} – C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 – Filter: text/html – {2AB289AE-4B90-4281-B2AE-1F4BB034B647} – (no file)
O20 – Winlogon Notify: igfxcui – C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 – Winlogon Notify: req – C:\WINDOWS\system32\req.dll (file missing)
O20 – Winlogon Notify: WgaLogon – C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 – SSODL: WPDShServiceObj – {AAA288BA-9A4C-45B0-95D7-94D524869DB5} – C:\WINDOWS\system32\WPDShServiceObj.dll
O23 – Service: AOL Connectivity Service (AOL ACS) – America Online, Inc. – C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 – Service: Apple Mobile Device – Apple, Inc. – C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 – Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) – Apple Computer, Inc. – C:\Program Files\Bonjour\mDNSResponder.exe
O23 – Service: dlbt_device – Dell – C:\WINDOWS\system32\dlbtcoms.exe
O23 – Service: DvpApi (dvpapi) – Command Software Systems, Inc. – C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 – Service: FLEXnet Licensing Service – Macrovision Europe Ltd. – C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 – Service: Google Updater Service (gusvc) – Google – C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 – Service: iPod Service – Apple Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: Intel NCS NetService (NetSvc) – Intel(R) Corporation – C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 – Service: Security Manager Firewall (RP_FWS) – Radialpoint Inc. – C:\Program Files\Bell\Security Manager\fws.exe
O23 – Service: Windows Live Setup Service (WLSetupSvc) – Unknown owner – C:\Program Files\Windows Live\installer\WLSetupSvc.exe