I am a webmaster, and I am trying to build my website, but my computer keeps acting weird and seems to be going into random hybernation for no reason in the middle of ANYTHING. I tried to do a scan to see if there was any virus/malware that was causing this, but nothing came up.

When I ran Spybot Search and Destroy, "Smitfraud-C. Toolbar888" came up… for the bazillionth time! What do I do??? Also, random websites just pop up in new windows, and I can’t stop them. Even pop-up blockers with by Browser and Google Toolbar can’t stop them!

Here is some info that I got from HijackThis (You may find Vista applications listed due to the fact that I downloaded the Vista Transformation package from WindowsX):

Logfile of HijackThis v1.99.1
Scan saved at 11:13:27 AM, on 06/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\FSI\F-Prot\fpavupdm.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\S3tray2.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Max Registry Cleaner\MaxRCSystemTray.exe
C:\Program Files\LClock\LClock.exe
C:\Program Files\VisualTooltip\VisualToolTip.exe
C:\Program Files\Styler\Styler.exe
C:\Program Files\Spybot – Search & Destroy\TeaTimer.exe
C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\{34960067-AA37-4A08-929E-5E2E79AC4994}\Blaero Start Orb.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\{689E0DA4-EC91-4BA6-9817-E9D090367F49}\sidebar.exe
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\MDLAAK1Y\Windows-KB890830-V1.29[1].exe
c:f2b4d98fc082856d2a86ba268e7dad0\mrtstub.exe
C:\WINDOWS\system32\MRT.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\My Documents\hijackthis_199\HijackThis.exe

R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us7.hpwis.com/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us7.hpwis.com/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O3 – Toolbar: &Google – {2318C2B1-4965-11d4-9B18-009027A5CD4F} – c:\program files\google\googletoolbar1.dll
O3 – Toolbar: StylerToolBar – {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} – C:\Program Files\Styler\TB\StylerTB.dll
O4 – HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 – HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 – HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 – HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\hpztsb04.exe
O4 – HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 – HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 – HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE"
O4 – HKLM\..\Run: [RCAutoLiveUpdate] C:\Program Files\Max Registry Cleaner\MaxLiveUpdateRC.exe -AUTO
O4 – HKLM\..\Run: [RCSystemTray] C:\Program Files\Max Registry Cleaner\MaxRCSystemTray.exe
O4 – HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 – HKLM\..\Run: [Vista Sidebar] C:\Program Files\Vista Sidebar\sidebar.exe
O4 – HKLM\..\Run: [VisualTooltip] C:\Program Files\VisualTooltip\VisualToolTip.exe
O4 – HKLM\..\Run: [Blaero Start Orb] C:\Program Files\Blaero Start Orb\Blaero Start Orb.exe
O4 – HKLM\..\Run: [Styler] C:\Program Files\Styler\Styler.exe
O4 – HKLM\..\Run: [ApachInc] rundll32.exe "C:\WINDOWS\system32\ppjickkp.dll",realset
O4 – HKLM\..\Run: [MSRegScan] C:\Program Files\CMK Demo\RSCMKDemo.exe
O4 – HKLM\..\Run: [j4211039] rundll32 C:\WINDOWS\system32\j4211039.dll sook
O4 – HKLM\..\Run: [setup] rundll32.exe "C:\WINDOWS\system32\nyfblbrr.dll",realset
O4 – HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot – Search & Destroy\TeaTimer.exe
O4 – HKCU\..\Run: [Zero Knowledge Freedom] C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
O4 – HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 – Startup: Vista sidebar.lnk = C:\Program Files\Vista Sidebar\sidebar.exe
O4 – Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 – Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 – Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 – Global Startup: hp center UI.lnk = C:\Program Files\hp center7903\Shadow\ShadowBar.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 – Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 – Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 – Extra context menu item: Open with WordPerfect – C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O11 – Options group: [INTERNATIONAL] International*
O12 – Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 – DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} – http://software-dl.real.com/233de769…p/RdxIE601.cab
O16 – DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) – http://security.symantec.com/sscv6/S…/bin/cabsa.cab
O16 – DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) – http://update.microsoft.com/microsof…?1143834557002
O16 – DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 – DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) – https://secure.logmein.com/activex/RACtrl.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{BDB36E4F-BE12-4941-A468-E5E99571E66A}: NameServer = 192.168.1.254
O23 – Service: Adobe LM Service – Adobe Systems – C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 – Service: F-Prot Antivirus Update Monitor – FRISK Software – C:\Program Files\FSI\F-Prot\fpavupdm.exe
O23 – Service: Google Updater Service (gusvc) – Google – C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe
O23 – Service: ProtexisLicensing – Unknown owner – C:\WINDOWS\system32\PSIService.exe

P.S. This is a shared work-related computer on a network, so I don’t know what all may be listed above or downloaded on here that may not be "good," ya know?

Thanks for any help!

can anyone tell me what?

i can safely delete from this hijackthis log.i tried a few forums but they seem to be unavailable.my computer has had tons of spyware and viruses(since the kids snuck on).

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 7:36:44 PM, on 3/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\mgmrwmrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
C:\WINDOWS\system32\regsvr32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP9731\Program\Updates from HP.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Documents and Settings\HP_Owner\Desktop\HiJackThis_v2.exe

R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 – URLSearchHook: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
F2 – REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\mgmrwmrv.exe,
O1 – Hosts: 202.67.220.239 win.mail.ru
O2 – BHO: (no name) – {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} – (no file)
O2 – BHO: (no name) – {00000012-890e-4aac-afd9-eff6954a34dd} – (no file)
O2 – BHO: &Yahoo! Toolbar Helper – {02478D38-C3F9-4efb-9B51-7695ECA05670} – C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 – BHO: (no name) – {029e02f0-a0e5-4b19-b958-7bf2db29fb13} – (no file)
O2 – BHO: AcroIEHlprObj Class – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 – BHO: (no name) – {06dfedaa-6196-11d5-bfc8-00508b4a487d} – (no file)
O2 – BHO: (no name) – {12F02779-6D88-4958-8AD3-83C12D86ADC7} – (no file)
O2 – BHO: (no name) – {1adbcce8-cf84-441e-9b38-afc7a19c06a4} – (no file)
O2 – BHO: (no name) – {2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71} – (no file)
O2 – BHO: RealPlayer Download and Record Plugin for Internet Explorer – {3049C3E9-B461-4BC5-8870-4C09146192CA} – C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 – BHO: (no name) – {4c8c03f4-1dd2-11b2-a384-b58436937e0f} – C:\WINDOWS\pcvgfidw.dll
O2 – BHO: (no name) – {51641ef3-8a7a-4d84-8659-b0911e947cc8} – (no file)
O2 – BHO: (no name) – {53C330D6-A4AB-419B-B45D-FD4411C1FEF4} – (no file)
O2 – BHO: (no name) – {54645654-2225-4455-44A1-9F4543D34546} – (no file)
O2 – BHO: (no name) – {669695bc-a811-4a9d-8cdf-ba8c795f261e} – (no file)
O2 – BHO: (no name) – {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} – (no file)
O2 – BHO: SSVHelper Class – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 – BHO: (no name) – {79D0393B-5F37-45A1-962A-32E4D4FEC707} – C:\WINDOWS\system32\borlndm.dll
O2 – BHO: (no name) – {8746E46A-7415-4223-A709-BEDA260B7DED} – C:\WINDOWS\system32\vtstq.dll
O2 – BHO: (no name) – {944864a5-3916-46e2-96a9-a2e84f3f1208} – (no file)
O2 – BHO: (no name) – {a4a435cf-3583-11d4-91bd-0048546a1450} – (no file)
O2 – BHO: (no name) – {ACF92699-B3B6-4126-AE02-FAAA922FF90E} – C:\Program Files\Windows Media Player\safepC:\DOCUME~1\HP_Owner\LOCALS~1\Temp\CEMG555077.exe.dll (file missing)
O2 – BHO: (no name) – {B07BE832-8D3F-4B9C-8EEA-3E8AD646BCC7} – (no file)
O2 – BHO: (no name) – {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} – (no file)
O2 – BHO: (no name) – {bb936323-19fa-4521-ba29-eca6a121bc78} – (no file)
O2 – BHO: (no name) – {c2680e10-1655-4a0e-87f8-4259325a84b7} – (no file)
O2 – BHO: (no name) – {c4ca6559-2cf1-48b6-96b2-8340a06fd129} – (no file)
O2 – BHO: (no name) – {c5af2622-8c75-4dfb-9693-23ab7686a456} – (no file)
O2 – BHO: (no name) – {C7EB2A3D-AD12-4A63-A65E-692C6C518C00} – C:\WINDOWS\repair\gvauala.dll (file missing)
O2 – BHO: (no name) – {ca1d1b05-9c66-11d5-a009-000103c1e50b} – (no file)
O2 – BHO: (no name) – {d8efadf1-9009-11d6-8c73-608c5dc19089} – (no file)
O2 – BHO: (no name) – {E08DE81E-7E47-4777-84C5-C45DA13BCF91} – C:\WINDOWS\system32\qommlij.dll
O2 – BHO: (no name) – {e9147a0a-a866-4214-b47c-da821891240f} – (no file)
O2 – BHO: (no name) – {e9306072-417e-43e3-81d5-369490beef7c} – (no file)
O3 – Toolbar: HP view – {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} – c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 – HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 – HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 – HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 – HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 – HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 – HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 – HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 – HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 – HKLM\..\Run: [VTTimer] VTTimer.exe
O4 – HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 – HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 – HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 – HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 – HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 – HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\printray.exe
O4 – HKLM\..\Run: [Lexmark X73 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 – HKLM\..\Run: [Lexmark X73 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 – HKLM\..\Run: [ubermdkj] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\ubermdkj.dll"
O4 – HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – Startup: .protected
O4 – Global Startup: .protected
O4 – Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 – Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP9731\Program\Updates from HP.exe
O8 – Extra context menu item: &Search – http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZC
O8 – Extra context menu item: &Yahoo! Search – file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 – Extra context menu item: Yahoo! &Dictionary – file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 – Extra context menu item: Yahoo! &Maps – file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\WINDOWS\system32\msjava.dll
O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\WINDOWS\system32\msjava.dll
O9 – Extra button: Messenger – {4528BBE0-4E08-11D5-AD55-00010333D0AD} – C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 – Extra ‘Tools’ menuitem: Yahoo! Messenger – {4528BBE0-4E08-11D5-AD55-00010333D0AD} – C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O12 – Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 – Trusted Zone: http://locator1.cdn.imagesrvr.com
O15 – Trusted IP range: http://202.67.220.225
O15 – Trusted IP range: http://59.148.220.121
O15 – Trusted IP range: http://62.4.84.53
O15 – Trusted IP range: http://82.98.235.58
O15 – Trusted IP range: http://85.12.25.90
O16 – DPF: {1B30282C-970F-4DCC-97D1-1714277525C1} – http://profile.homescanonline.com/hso/binary/NetMeter_preinstaller_activex_en_4.70.28.0_HOMESCAN.cab
O16 – DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} –
O16 – DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) – http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
O16 – DPF: {41D1977F-4161-4720-800F-EA4903983A38} (Jigsaw Genius Control) – http://www.worldwinner.com/games/v42/jigsaw/jigsaw.cab
O16 – DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) – http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 – DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) – http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 – DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games – Installer) – http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 – DPF: {B8E71371-F7F7-11D2-A2CE-0060B0FB9D0D} (CDToolCtrl Class) – http://free.aol.com/tryaolfree/cdt175/aolcdt175.cab
O16 – DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} (AstoundLauncher Control) – http://zone.msn.com/bingame/jobo/default/AstoundLauncher.cab#version=1,0,0,10
O16 – DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) – http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 – DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) – http://zone.msn.com/bingame/popcaploader_v10.cab
O16 – DPF: {FC4CAF5F-91BD-4DD9-ADC1-F3C737E37BC4} (CPlayFirstSweetopiaControl Object) – http://zone.msn.com/bingame/swet/default/Sweetopia.1.0.0.46.cab
O20 – Winlogon Notify: qommlij – C:\WINDOWS\SYSTEM32\qommlij.dll
O22 – SharedTaskScheduler: Browseui preloader – {438755C2-A8BA-11D1-B96B-00A0C90312E1} – C:\WINDOWS\system32\browseui.dll
O22 – SharedTaskScheduler: Component Categories cache daemon – {8C7461EF-2B13-11d2-BE35-3078302C2030} – C:\WINDOWS\system32\browseui.dll
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – ALWIL Software – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 – Service: avast! Web Scanner – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver\Intel 32\IDriverT.exe
O23 – Service: iPod Service (iPodService) – Apple Computer, Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: Pml Driver HPZ12 – HP – C:\WINDOWS\system32\HPZipm12.exe


End of file – 13132 bytes

RegCureLogfile of HijackThis v1.99.1
Scan saved at 16:50:32, on 2007-3-4
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\internat.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Rogers\SelfHealing\rogersagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINNT\system32\mshta.exe
C:\iE6\HijackThis.exe

R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 – HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm
R3 – URLSearchHook: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn8\yt.dll
O2 – BHO: Yahoo! Toolbar Helper – {02478D38-C3F9-4EFB-9B51-7695ECA05670} – C:\Program Files\Yahoo!\Companion\Installs\cpn8\yt.dll
O2 – BHO: Share Accelerator MM Toolbar – {4596013b-6c31-408b-a266-deae5c086dc2} – C:\Program Files\Share_Accelerator_MM\tbShar.dll
O2 – BHO: (no name) – {53707962-6F74-2D53-2644-206D7942484F} – C:\Program Files\Spybot – Search & Destroy\SDHelper.dll
O2 – BHO: Yahoo! IE Services Button – {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} – C:\Program Files\Yahoo!\common\yiesrvc.dll
O3 – Toolbar: Share Accelerator MM Toolbar – {4596013b-6c31-408b-a266-deae5c086dc2} – C:\Program Files\Share_Accelerator_MM\tbShar.dll
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn8\yt.dll
O4 – HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 – HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 – HKCU\..\Run: [internat.exe] internat.exe
O4 – HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 – HKCU\..\Run: [VoipDiscount] "C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" -nosplash -minimized
O4 – HKCU\..\Run: [FreeCall] "C:\program files\freecall.com\freecall\freecall.exe" -nosplash -minimized
O4 – HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 – HKCU\..\Run: [SHS] "C:\Program Files\Rogers\SelfHealing\SHS.exe" /background
O4 – HKCU\..\Run: [RogersAgent] c:\Program Files\Rogers\SelfHealing\rogersagent.exe
O4 – HKCU\..\Run: [Windows Registry Repair Pro] C:\Program FilesB Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 – HKCU\..\Run: [Bleh Idle] C:\DOCUME~1\ADMINI~1\APPLIC~1\INTRAG~1\eqflawstupid.exe
O4 – HKCU\..\RunOnce: [ypagerps6] cmd.exe /C del "C:\Program Files\Yahoo!\Messenger\ypagerps6.DLL"
O8 – Extra context menu item: &Yahoo! Search – file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 – Extra context menu item: Yahoo! &Dictionary – file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 – Extra context menu item: Yahoo! &Maps – file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 – Extra context menu item: Yahoo! &SMS – file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 – Extra button: Yahoo! Services – {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} – C:\Program Files\Yahoo!\common\yiesrvc.dll
O10 – Unknown file in Winsock LSP: c:\winnt\system32\toonjoke.dll
O10 – Unknown file in Winsock LSP: c:\winnt\system32\toonjoke.dll
O16 – DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) – C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 – Service: AVG7 Alert Manager Server (Avg7Alrt) – GRISOFT, s.r.o. – C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 – Service: AVG7 Update Service (Avg7UpdSvc) – GRISOFT, s.r.o. – C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 – Service: Symantec Event Manager (ccEvtMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 – Service: Symantec Password Validation Service (ccPwdSvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 – Service: Logical Disk Manager Administrative Service (dmadmin) – VERITAS Software Corp. – C:\WINNT\System32\dmadmin.exe
O23 – Service: Google Updater Service (gusvc) – Google – C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 – Service: InCD Helper (InCDsrv) – Ahead Software AG – C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 – Service: InCD Helper (read only) (InCDsrvR) – Ahead Software AG – C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 – Service: Norton AntiVirus Auto Protect Service (navapsvc) – Symantec Corporation – C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 – Service: Network Tran mngr (Network Tran) – Unknown owner – c:\winnt\system32\flashtem.exe
O23 – Service: Norton Unerase Protection (NProtectService) – Symantec Corporation – C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 – Service: ScriptBlocking Service (SBService) – Symantec Corporation – C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 – Service: Symantec Network Drivers Service (SNDSrvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 – Service: SymWMI Service (SymWSC) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 – Service: TPK host (TPK) – Unknown owner – C:\WINNT\system32\TaskPK.exe (file missing)

get rid of errorsafe?

Logfile of HijackThis v1.99.1
Scan saved at 4:31:48 PM, on 11/22/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MSMPSVC.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MpEng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 – HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 – URLSearchHook: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll
O3 – Toolbar: &Save Flash – {4064EA35-578D-4073-A834-C96D82CBCF40} – C:\Program Files\Save Flash\SaveFlash.dll
O4 – HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 – HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 – HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 – HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 – HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 – HKLM\..\Run: [YCentral] C:\Program Files\Yahoo!\YCentral\YahooCentral.exe
O4 – HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 – HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 – HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 – HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 – HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 – Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 – Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 – Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 – Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 – Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 – Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 – Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 – Extra context menu item: &Yahoo! Search – file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 – Extra context menu item: Yahoo! &Dictionary – file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 – Extra context menu item: Yahoo! &Maps – file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 – Extra context menu item: Yahoo! &SMS – file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 – Extra button: Web Anti-Virus – {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} – C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 – Extra button: Yahoo! Services – {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} – C:\WINDOWS\System32\shdocvw.dll
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 – Extra button: AIM – {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} – C:\PROGRA~1\AIM\aim.exe
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O11 – Options group: [INTERNATIONAL] International*
O12 – Plugin for .xfd: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 – DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) – https://www.windowsonecare.com/install/cli/1.1.1067.8/WinSSWebAgent.CAB
O16 – DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) – http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
O16 – DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) – http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162344926796
O16 – DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) – https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 – DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) – http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 – DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) – http://h30155.www3.hp.com/ediags/hpfix/aio/en/check/qdiagh.cab?326
O16 – DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) – http://chat.msn.com/bin/msnchat45.cab
O23 – Service: Adobe LM Service – Adobe Systems – C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: Kaspersky Anti-Virus 6.0 (AVP) – Unknown owner – C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver50\Intel 32\IDriverT.exe
O23 – Service: InCD File System Service (InCDsrv) – Ahead Software – (no file)
O23 – Service: iPod Service – Apple Computer, Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: Macromedia Licensing Service – Unknown owner – C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 – Service: MSMPSVC – Unknown owner – C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MSMPSVC.exe" -n 4 (file missing)
O23 – Service: NkPtpEnumP2 – Unknown owner – C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe" -a -d="C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpip.dll (file missing)

Main issue:
I cant open links on most websites…. or enlarge images that appear on google images. the mouse pointer doesnt seem to recognise them.(normally it would turn into a hand from a pointer.)

i cant even post this problem on any tech help sites as i cant click on the post ‘new thread’ button.
not sure why but YahoO’s links work.

i cant click on thumbnail pictures on facebook either, normally it would open the enlarged view of the picture ect…

ive tryed updating internet explorer 7 and the java updates.
here is a log from HIJACKTHIS see if you can spot any virus

THANK YOU!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Executive Software\Undelete\UdServe.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\winhlp32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 – BHO: AcroIEHlprObj Class – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: ALOT Toolbar – {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} – C:\Program Files\alot\bin\alot.dll
O2 – BHO: SSVHelper Class – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 – BHO: (no name) – {7E853D72-626A-48EC-A868-BA8D5E23E045} – (no file)
O2 – BHO: Google Toolbar Helper – {AA58ED58-01DD-4d91-8333-CF10577473F7} – c:\program files\google\googletoolbar1.dll
O2 – BHO: Google Toolbar Notifier BHO – {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} – C:\Program Files\Google\GoogleToolbarNotifier.0.1225.9868\swg.dll
O3 – Toolbar: McAfee VirusScan – {BA52B914-B692-46c4-B683-905236F6F655} – c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 – Toolbar: &Google – {2318C2B1-4965-11d4-9B18-009027A5CD4F} – c:\program files\google\googletoolbar1.dll
O3 – Toolbar: ALOT Toolbar – {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} – C:\Program Files\alot\bin\alot.dll
O3 – Toolbar: (no name) – {07B18EA9-A523-4961-B6BB-170DE4475CCA} – (no file)
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 – HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 – HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 – HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 – HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 – HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 – HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar.bin\mwsoemon.exe
O4 – HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 – HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 – HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 – HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 – HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 – HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 – HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 – HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar.bin\m3SrchMn.exe" /m=2 /w
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 – HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 – HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 – HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 – Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 – Extra context menu item: &Search – http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZZzer000YYGB
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O16 – DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) – http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 – DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} – http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/ZwinkyInitialSetup1.0.0.15-3.cab
O16 – DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) – http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 – DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) – http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 – DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) – http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 – DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) – http://sdlc-esd.sun.com/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?AuthParam=1217681069_e94cf86f6a9c9018c4d65c1a33bc9775&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab&File=jinstall-6u7-windows-i586-jc.cab
O16 – DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) – http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O20 – AppInit_DLLs: pushow14.dll
O23 – Service: Lavasoft Ad-Aware Service (aawservice) – Lavasoft – C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 – Service: Adobe LM Service – Unknown owner – C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 – Service: AVG Anti-Spyware Guard – GRISOFT s.r.o. – C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 – Service: Google Updater Service (gusvc) – Google – C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver\Intel 32\IDriverT.exe
O23 – Service: InCD Helper (InCDsrv) – AHEAD Software – C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 – Service: iPod Service – Apple Computer, Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: Process Monitor (LVPrcSrv) – Logitech Inc. – c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 – Service: LVSrvLauncher – Logitech Inc. – C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 – Service: McAfee WSC Integration (McDetect.exe) – McAfee, Inc – c:\program files\mcafee.com\agent\mcdetect.exe
O23 – Service: McAfee.com McShield (McShield) – Unknown owner – c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 – Service: McAfee Task Scheduler (McTskshd.exe) – McAfee, Inc – c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 – Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) – McAfee, Inc – C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 – Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) – McAfee, Inc – c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: PnkBstrA – Unknown owner – C:\WINDOWS\system32\PnkBstrA.exe
O23 – Service: Executive Software Undelete (UndeleteService) – ESI – C:\Program Files\Executive Software\Undelete\UdServe.exe