[Dr. Fate]

I have read and done most of the 5 steps your team has suggested prior to starting a new post. I have the same proble I was reading about from someone writing into you. Currently even my mouse is very symptomatic and I have to log on to the internet several times before I can actually get to your web site. I have run several virus searches and they do locate infected files. My problem is that I have no idea what is spyware and what just needs to be cleaned. I hope you can help. Well here is my Hijack This post.

Logfile of HijackThis v1.99.0
Scan saved at 11:13:27 PM, on 3/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ltekb.dll/sp.html#10213
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ltekb.dll/sp.html#10213
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\ltekb.dll/sp.html#10213
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ltekb.dll/sp.html#10213
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ltekb.dll/sp.html#10213
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\ltekb.dll/sp.html#10213
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: (no name) - {43394E3B-594F-6045-2791-CA03BE086EAA} - C:\WINDOWS\system32\apirg32.dll
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\bin\tgcmd.exe /server
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [ZingSpooler] C:\Program Files\Common Files\Zing\ZingSpooler.exe
O4 - HKLM\..\Run: [DNS7reminder] "D:\Program Files\ScanSoft\NaturallySpeaking\Program\Ereg.exe" -r "D:\Program Files\ScanSoft\NaturallySpeaking\Program\ereg.ini"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [Imonitor] "C:\Program Files\McAfee\QuickClean\PlgUni.exe" /START
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [StopSignStatus] Rundll32.exe "C:\Program Files\Common Files\eAcceleration\Installer\stopsinfo.dll",VerifyStatus
O4 - HKLM\..\Run: [EanthologyApp] "C:\Program Files\Common Files\eAcceleration\eanthology.exe" /b Startup
O4 - HKLM\..\Run: [webscan] C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe -k
O4 - HKLM\..\Run: [crlf32.exe] C:\WINDOWS\system32\crlf32.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunOnce: [StopSignStatus] Rundll32.exe "C:\Program Files\Common Files\eAcceleration\Installer\stopsinfo.dll",VerifyStatus /ro
O4 - HKLM\..\RunOnce: [wingl.exe] C:\WINDOWS\system32\wingl.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - HKCU\..\Run: [\Pribi.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pribi\Pribi.exe
O4 - HKCU\..\Run: [Steam] d:\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [Spyware Begone] C:\freescan\freescan.exe -FastScan
O4 - HKCU\..\Run: [Spyware Vanisher] c:\spywarevanisher-free\FreeScanner.exe -FastScan
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Startup: UD Agent.lnk = C:\Program Files\United Devices\UD.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0b\aoltray.exe
O4 - Global Startup: Configuration & Monitor Utility.lnk = ?
O4 - Global Startup: Forget Me Not.lnk = C:\Program Files\Broderbund\AG CreataCard\AGRemind.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
O4 - Global Startup: Voice Alarm.lnk = D:\Program Files\LHSP\Now You're Talking Classic\VAlarm.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Boxtop - file://C:\Program Files\BoxTopsShoppingReminder\System\Temp\boxtopgmills_script0.htm
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Cosmi Popup Blocker - {4B3520B0-D518-4443-BA9E-2D4CE7F773C5} - D:\Program Files\Cosmi\Pop Up Ad Blocker\PopupBlock.exe
O9 - Extra 'Tools' menuitem: Cosmi Popup Blocker - {4B3520B0-D518-4443-BA9E-2D4CE7F773C5} - D:\Program Files\Cosmi\Pop Up Ad Blocker\PopupBlock.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Boxtop - {629C5DAA-BABC-4d44-983D-97AFF415621C} - file://C:\Program Files\BoxTopsShoppingReminder\System\Temp\boxtopgmills_script0.htm (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://ad.searchsquire.com
O15 - Trusted Zone: http://search.searchsquire.com
O15 - Trusted Zone: http://update.searchsquire.com
O15 - Trusted Zone: http://www.searchsquire.com
O16 - DPF: Yahoo! Dominoes - http://download.game...ts/y/dot8_x.cab
O16 - DPF: Yahoo! Fleet - http://download.game...s/y/fltt3_x.cab
O16 - DPF: Yahoo! Hearts - http://download.game...nts/y/ht1_x.cab
O16 - DPF: {1E89F686-B78D-4C85-9EFC-3474516E3FE2} - http://directplugin....ugin/111069.exe
O16 - DPF: {2C38A62E-D257-40E8-8BB7-5624E38FEB0A} - http://enter.biz.ly/tiffany/webcam.exe
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1088956135375
O16 - DPF: {79C03BC5-6C55-4B5B-921F-C02B6F1ABD7B} - http://404.x-share.com/vvv/Pribi.exe
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensave.../sinstaller.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf...370/mcfscan.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://moviefone.kon...ry/main/kdx.cab
O18 - Protocol: bw+0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AOL Connectivity Service - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: AOL Spyware Protection Service - Unknown - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: McAfee Framework Service - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sony SPTI Service - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (Application) - Sony Corporation - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
O23 - Service: VAIO Media Music Server (HTTP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
O23 - Service: VAIO Media Music Server (UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (Application) - Unknown - C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
O23 - Service: VAIO Media Photo Server (UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: WAN Miniport (ATW) Service - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Remote Procedure Call (RPC) Helper - Unknown - C:\WINDOWS\javalo32.exe (file missing)

[Advertisements]

You are using an outdated version of HijackThis. Please download HijackThis version 1.99.1 from here:
http://www.downloads.../hijackthis.zip
and make sure to unzip it to a permanent folder. Then please run HijackThis, click Scan and Save log, and post the new log here. I would be happy to take a look at it.

[pomp]

You are using an outdated version of HijackThis. Please download HijackThis version 1.99.1 from here:
http://www.downloads.../hijackthis.zip
and make sure to unzip it to a permanent folder. Then please run HijackThis, click Scan and Save log, and post the new log here. I would be happy to take a look at it.

[Dr. Fate]

Thank you for your help. I do not mean to sound totally stupid but you will pretty much need to tell me step by step what I need to do. I have downloaded the revised version of Hijack This and have re-ran the report. Here it is. Let me know what you need me to do. As I stated in my first post, my mouse is really acting up and it jumps all over the place.

Logfile of HijackThis v1.99.0
Scan saved at 11:13:27 PM, on 3/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ltekb.dll/sp.html#10213
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ltekb.dll/sp.html#10213
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\ltekb.dll/sp.html#10213
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ltekb.dll/sp.html#10213
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ltekb.dll/sp.html#10213
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\ltekb.dll/sp.html#10213
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: (no name) - {43394E3B-594F-6045-2791-CA03BE086EAA} - C:\WINDOWS\system32\apirg32.dll
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\bin\tgcmd.exe /server
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [ZingSpooler] C:\Program Files\Common Files\Zing\ZingSpooler.exe
O4 - HKLM\..\Run: [DNS7reminder] "D:\Program Files\ScanSoft\NaturallySpeaking\Program\Ereg.exe" -r "D:\Program Files\ScanSoft\NaturallySpeaking\Program\ereg.ini"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [Imonitor] "C:\Program Files\McAfee\QuickClean\PlgUni.exe" /START
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [StopSignStatus] Rundll32.exe "C:\Program Files\Common Files\eAcceleration\Installer\stopsinfo.dll",VerifyStatus
O4 - HKLM\..\Run: [EanthologyApp] "C:\Program Files\Common Files\eAcceleration\eanthology.exe" /b Startup
O4 - HKLM\..\Run: [webscan] C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe -k
O4 - HKLM\..\Run: [crlf32.exe] C:\WINDOWS\system32\crlf32.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunOnce: [StopSignStatus] Rundll32.exe "C:\Program Files\Common Files\eAcceleration\Installer\stopsinfo.dll",VerifyStatus /ro
O4 - HKLM\..\RunOnce: [wingl.exe] C:\WINDOWS\system32\wingl.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - HKCU\..\Run: [\Pribi.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pribi\Pribi.exe
O4 - HKCU\..\Run: [Steam] d:\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [Spyware Begone] C:\freescan\freescan.exe -FastScan
O4 - HKCU\..\Run: [Spyware Vanisher] c:\spywarevanisher-free\FreeScanner.exe -FastScan
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Startup: UD Agent.lnk = C:\Program Files\United Devices\UD.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0b\aoltray.exe
O4 - Global Startup: Configuration & Monitor Utility.lnk = ?
O4 - Global Startup: Forget Me Not.lnk = C:\Program Files\Broderbund\AG CreataCard\AGRemind.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
O4 - Global Startup: Voice Alarm.lnk = D:\Program Files\LHSP\Now You're Talking Classic\VAlarm.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Boxtop - file://C:\Program Files\BoxTopsShoppingReminder\System\Temp\boxtopgmills_script0.htm
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Cosmi Popup Blocker - {4B3520B0-D518-4443-BA9E-2D4CE7F773C5} - D:\Program Files\Cosmi\Pop Up Ad Blocker\PopupBlock.exe
O9 - Extra 'Tools' menuitem: Cosmi Popup Blocker - {4B3520B0-D518-4443-BA9E-2D4CE7F773C5} - D:\Program Files\Cosmi\Pop Up Ad Blocker\PopupBlock.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Boxtop - {629C5DAA-BABC-4d44-983D-97AFF415621C} - file://C:\Program Files\BoxTopsShoppingReminder\System\Temp\boxtopgmills_script0.htm (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://ad.searchsquire.com
O15 - Trusted Zone: http://search.searchsquire.com
O15 - Trusted Zone: http://update.searchsquire.com
O15 - Trusted Zone: http://www.searchsquire.com
O16 - DPF: Yahoo! Dominoes - http://download.game...ts/y/dot8_x.cab
O16 - DPF: Yahoo! Fleet - http://download.game...s/y/fltt3_x.cab
O16 - DPF: Yahoo! Hearts - http://download.game...nts/y/ht1_x.cab
O16 - DPF: {1E89F686-B78D-4C85-9EFC-3474516E3FE2} - http://directplugin....ugin/111069.exe
O16 - DPF: {2C38A62E-D257-40E8-8BB7-5624E38FEB0A} - http://enter.biz.ly/tiffany/webcam.exe
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1088956135375
O16 - DPF: {79C03BC5-6C55-4B5B-921F-C02B6F1ABD7B} - http://404.x-share.com/vvv/Pribi.exe
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensave.../sinstaller.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf...370/mcfscan.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://moviefone.kon...ry/main/kdx.cab
O18 - Protocol: bw+0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {177A849D-452C-4308-8FFD-63520DADC298} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AOL Connectivity Service - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: AOL Spyware Protection Service - Unknown - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: McAfee Framework Service - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sony SPTI Service - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (Application) - Sony Corporation - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
O23 - Service: VAIO Media Music Server (HTTP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
O23 - Service: VAIO Media Music Server (UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (Application) - Unknown - C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
O23 - Service: VAIO Media Photo Server (UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: WAN Miniport (ATW) Service - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Remote Procedure Call (RPC) Helper - Unknown - C:\WINDOWS\javalo32.exe (file missing)

[Dr. Fate]

OK, I received your posting and have read all of the way through it. I have agqain down loaded the programs to my desktop and have updated the small debugging programs. Just to let you know, I stopped before I finished because I was unsure what files I was supposed to place a check next to. Here are the problems I have come across:

Problems:

1) I was able to remove the LogitechDesktopMessanger. The file still shows under the Add/remove programs but there is nothing in the file any longer.

2) For the C:\Program Files\BoxTopsSoppingReminder.... It gave me the following errormessage: "Error:Could not Exectute Main: The System Cannot Find File Specified"... ??? Should I do anything?

3) For the C:\spywarevanisher-free..... There was no reference to it under the Add/Remove Program file.

4) For the Remote Procedure Call... I could not click the Stop button. No buttons were highlighted for me to do this action. In fact I saw 2 lines referencing the Remote Procedure Call and I tried to do this on both. Could not.

5) When I copied the "Regedit4" to Word Notes it would not let me save it as "All" File Types. I saved the file to the desk top anyway and when Itried to double click on it it did not do anything. It just opened.

6) After rebooting in Safe Mode - I could not locate the following files you suggested:

C:\WINDOWS\ltekb.dll
C:\WINDOWS\system32\apirg32.dll
C:\WINDOWS\system32\crlf32.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pribi\Pribi.exe
C:\WINDOWS\javalo32.exe

7) After closing all Windows and Browsers, I re-ran Hijack This. Here is where I stopped. I could not find the file you were asking me to place check marks next to... All of my files that sarted with "R1" have "System32\vuidz.dll" in the wording where you are asking for "itekb.dll"... I stoped because I do not want to deleate anything that does not match word for word....

I have attached the Hijack This report that I ran last. As you can see it is quite smaller than before now that all of the Logitech stuff has been removed. Can you tell me what to do by matching my lines to what you want me to place check marks by?

Thank you again, My computer is in your hands.

Logfile of HijackThis v1.99.1
Scan saved at 6:30:19 PM, on 3/19/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\vuidz.dll/sp.html#10213
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\vuidz.dll/sp.html#10213
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\vuidz.dll/sp.html#10213
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\vuidz.dll/sp.html#10213
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\vuidz.dll/sp.html#10213
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\vuidz.dll/sp.html#10213
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: (no name) - {43394E3B-594F-6045-2791-CA03BE086EAA} - C:\WINDOWS\system32\apirg32.dll
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\bin\tgcmd.exe /server
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [ZingSpooler] C:\Program Files\Common Files\Zing\ZingSpooler.exe
O4 - HKLM\..\Run: [DNS7reminder] "D:\Program Files\ScanSoft\NaturallySpeaking\Program\Ereg.exe" -r "D:\Program Files\ScanSoft\NaturallySpeaking\Program\ereg.ini"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [Imonitor] "C:\Program Files\McAfee\QuickClean\PlgUni.exe" /START
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [StopSignStatus] Rundll32.exe "C:\Program Files\Common Files\eAcceleration\Installer\stopsinfo.dll",VerifyStatus
O4 - HKLM\..\Run: [webscan] C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe -k
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunOnce: [StopSignStatus] Rundll32.exe "C:\Program Files\Common Files\eAcceleration\Installer\stopsinfo.dll",VerifyStatus /ro
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - HKCU\..\Run: [\Pribi.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pribi\Pribi.exe
O4 - HKCU\..\Run: [Steam] d:\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [Spyware Begone] C:\freescan\freescan.exe -FastScan
O4 - HKCU\..\Run: [Spyware Vanisher] c:\spywarevanisher-free\FreeScanner.exe -FastScan
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Startup: UD Agent.lnk = C:\Program Files\United Devices\UD.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0b\aoltray.exe
O4 - Global Startup: Configuration & Monitor Utility.lnk = ?
O4 - Global Startup: Forget Me Not.lnk = C:\Program Files\Broderbund\AG CreataCard\AGRemind.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
O4 - Global Startup: Voice Alarm.lnk = D:\Program Files\LHSP\Now You're Talking Classic\VAlarm.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Boxtop - file://C:\Program Files\BoxTopsShoppingReminder\System\Temp\boxtopgmills_script0.htm
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Cosmi Popup Blocker - {4B3520B0-D518-4443-BA9E-2D4CE7F773C5} - D:\Program Files\Cosmi\Pop Up Ad Blocker\PopupBlock.exe
O9 - Extra 'Tools' menuitem: Cosmi Popup Blocker - {4B3520B0-D518-4443-BA9E-2D4CE7F773C5} - D:\Program Files\Cosmi\Pop Up Ad Blocker\PopupBlock.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Boxtop - {629C5DAA-BABC-4d44-983D-97AFF415621C} - file://C:\Program Files\BoxTopsShoppingReminder\System\Temp\boxtopgmills_script0.htm (file missing) (HKCU)
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://ad.searchsquire.com
O15 - Trusted Zone: http://search.searchsquire.com
O15 - Trusted Zone: http://update.searchsquire.com
O15 - Trusted Zone: http://www.searchsquire.com
O15 - Trusted Zone: http://*.searchsquire.com
O16 - DPF: Yahoo! Dominoes - http://download.game...ts/y/dot8_x.cab
O16 - DPF: Yahoo! Fleet - http://download.game...s/y/fltt3_x.cab
O16 - DPF: Yahoo! Hearts - http://download.game...nts/y/ht1_x.cab
O16 - DPF: {1E89F686-B78D-4C85-9EFC-3474516E3FE2} - http://directplugin....ugin/111069.exe
O16 - DPF: {2C38A62E-D257-40E8-8BB7-5624E38FEB0A} - http://enter.biz.ly/tiffany/webcam.exe
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1088956135375
O16 - DPF: {79C03BC5-6C55-4B5B-921F-C02B6F1ABD7B} - http://404.x-share.com/vvv/Pribi.exe
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensave.../sinstaller.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf...370/mcfscan.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://moviefone.kon...ry/main/kdx.cab
O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\system32\d3dj32.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (Application) (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (Application) (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (Application) (VAIOMediaPlatform-PhotoServer-AppServer) - Unknown owner - C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

[Dr. Fate]

Thank you for that last post. It has helped out a whole lot. I am not sure what did what, but I now have full control of the Mouse and "Start up" comand screen.

In regards to items 1:
Found "Network Security Service" I disabled it as told.
Sorry about the "Word Notes" vs. Notepad mix-up. I saved "RemoveTrustedZone.reg" and merged it into my system.

In regards to item 4:
I have one question, in my first post I realized my Hijack This Post, did have as you suggested, files listed as "Itekb.dll" when I ran it again after your post they said "Vuidz.dll". You graciously changed your post to match. Here is my problem, when I re-opened the Hijack This to fix what was suggested they read "tmojr.dll" as you will see below. Why did they change? Are they supposed to?
Well anyway....
All of the "015 - Trusted Zone" items where not there.

In regards to item 5:
C:\WINDOWS\system32\vuidz.dll<--Deleted
c:\ spywarevanisher-free\<--Not Found
C:\WINDOWS\system32\d3dj32.exe<--Deleted
C:\WINDOWS\ltekb.dll<--Not Found
C:\WINDOWS\system32\apirg32.dll<--Deleted
C:\WINDOWS\system32\crlf32.exe<--Deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pribi\Pribi.exe<--Deleted
C:\WINDOWS\javalo32.exe<--Deleted

In regards to item 6:
Ran AboutBuster - following is the report.

Scanned at: 2:04:19 PM on: 3/20/2005
-- Scan 1 ---------------------------
About:Buster Version 4.0
Reference List : 16

No ADS found on system
Removed 4 Random Key Entries
Removed! : C:\WINDOWS\n_dqvxzt.dat
Removed! : C:\WINDOWS\n_drzktt.dat
Removed! : C:\WINDOWS\n_pieora.dat
Removed! : C:\WINDOWS\n_qmhivv.dat
Removed! : C:\WINDOWS\n_qotbfo.dat
Removed! : C:\WINDOWS\obniwb.dat
Removed! : C:\WINDOWS\phbnh.dll
Removed! : C:\WINDOWS\pnpzj.dat
Removed! : C:\WINDOWS\pusna.dat
Removed! : C:\WINDOWS\pvbre.dll
Removed! : C:\WINDOWS\pxplx.dat
Removed! : C:\WINDOWS\pxplx.dll
Removed! : C:\WINDOWS\pzvti.dat
Removed! : C:\WINDOWS\qlnmq.dat
Removed! : C:\WINDOWS\qzrmzw.dat
Removed! : C:\WINDOWS\rbdig.dll
Removed! : C:\WINDOWS\rfcztc.dat
Removed! : C:\WINDOWS\rmntp.dat
Removed! : C:\WINDOWS\rpqmf.dat
Removed! : C:\WINDOWS\rriot.dat
Removed! : C:\WINDOWS\rthlc.dat
Removed! : C:\WINDOWS\rwbnzt.dat
Removed! : C:\WINDOWS\scqxl.dat
Removed! : C:\WINDOWS\sguis.dat
Removed! : C:\WINDOWS\SiSUSBrg.exe
Removed! : C:\WINDOWS\smaql.dat
Removed! : C:\WINDOWS\sutbyd.dat
Removed! : C:\WINDOWS\tnaty.dll
Removed! : C:\WINDOWS\tofbz.dat
Removed! : C:\WINDOWS\uajws.dat
Removed! : C:\WINDOWS\ubfbvy.dat
Removed! : C:\WINDOWS\ucpmz.dat
Removed! : C:\WINDOWS\ucsyp.dat
Removed! : C:\WINDOWS\ukzxr.dll
Removed! : C:\WINDOWS\uoevg.dat
Removed! : C:\WINDOWS\upihx.dll
Removed! : C:\WINDOWS\vhqdjt.dat
Removed! : C:\WINDOWS\vmdwj.dat
Removed! : C:\WINDOWS\wkcud.dat
Removed! : C:\WINDOWS\xkpea.dat
Removed! : C:\WINDOWS\xpbrjo.dat
Removed! : C:\WINDOWS\xvohv.dll
Removed! : C:\WINDOWS\xwmed.dat
Removed! : C:\WINDOWS\ydqqk.dll
Removed! : C:\WINDOWS\ynuqq.dll
Removed! : C:\WINDOWS\yvnlpw.dat
Removed! : C:\WINDOWS\yzmnc.dat
Removed! : C:\WINDOWS\zqdql.dll
Removed! : C:\WINDOWS\system32\agbdt.dll
Removed! : C:\WINDOWS\system32\atlpo.dll
Removed! : C:\WINDOWS\system32\baafy.dat
Removed! : C:\WINDOWS\system32\byuyu.dat
Removed! : C:\WINDOWS\system32\cczib.dat
Removed! : C:\WINDOWS\system32\clezo.dat
Removed! : C:\WINDOWS\system32\crju32.dll
Removed! : C:\WINDOWS\system32\d3bj.dll
Removed! : C:\WINDOWS\system32\d3xc32.dll
Removed! : C:\WINDOWS\system32\darnm.dat
Removed! : C:\WINDOWS\system32\darnm.dll
Removed! : C:\WINDOWS\system32\dawzs.dat
Removed! : C:\WINDOWS\system32\dbrgg.dat
Removed! : C:\WINDOWS\system32\dllbl.dat
Removed! : C:\WINDOWS\system32\dllbl.dll
Removed! : C:\WINDOWS\system32\dmzev.dll
Removed! : C:\WINDOWS\system32\dorod.dat
Removed! : C:\WINDOWS\system32\easdi.dat
Removed! : C:\WINDOWS\system32\emwiq.dat
Removed! : C:\WINDOWS\system32\fpgcm.dat
Removed! : C:\WINDOWS\system32\fvvua.dll
Removed! : C:\WINDOWS\system32\fwmxp.dat
Removed! : C:\WINDOWS\system32\gfdpt.dll
Removed! : C:\WINDOWS\system32\gtcyl.dat
Removed! : C:\WINDOWS\system32\gxnzb.dat
Removed! : C:\WINDOWS\system32\higvo.dat
Removed! : C:\WINDOWS\system32\hphlt.dat
Removed! : C:\WINDOWS\system32\ihydn.dat
Removed! : C:\WINDOWS\system32\jeksu.dat
Removed! : C:\WINDOWS\system32\jkavk.dat
Removed! : C:\WINDOWS\system32\jqbfy.dat
Removed! : C:\WINDOWS\system32\jqfwv.dat
Removed! : C:\WINDOWS\system32\jujto.dll
Removed! : C:\WINDOWS\system32\kavgi.dll
Removed! : C:\WINDOWS\system32\kibdm.dll
Removed! : C:\WINDOWS\system32\kvhgj.dat
Removed! : C:\WINDOWS\system32\kvqgl.dat
Removed! : C:\WINDOWS\system32\mmdiv.dat
Removed! : C:\WINDOWS\system32\ndxuk.dat
Removed! : C:\WINDOWS\system32\netce.dll
Removed! : C:\WINDOWS\system32\nmcvc.dll
Removed! : C:\WINDOWS\system32\nrnck.dat
Removed! : C:\WINDOWS\system32\nrnck.dll
Removed! : C:\WINDOWS\system32\nslbs.dat
Removed! : C:\WINDOWS\system32\nvwos.dat
Removed! : C:\WINDOWS\system32\nvwos.dll
Removed! : C:\WINDOWS\system32\ocuoz.dll
Removed! : C:\WINDOWS\system32\odusf.dll
Removed! : C:\WINDOWS\system32\okwpt.dat
Removed! : C:\WINDOWS\system32\omjin.dat
Removed! : C:\WINDOWS\system32\opwsw.dat
Removed! : C:\WINDOWS\system32\oqcun.dll
Removed! : C:\WINDOWS\system32\pauqe.dat
Removed! : C:\WINDOWS\system32\pimkz.dat
Removed! : C:\WINDOWS\system32\qiyov.dat
Removed! : C:\WINDOWS\system32\qyhvw.dll
Removed! : C:\WINDOWS\system32\rwdta.dat
Removed! : C:\WINDOWS\system32\rwdta.dll
Removed! : C:\WINDOWS\system32\rwsgb.dll
Removed! : C:\WINDOWS\system32\stcpx.dat
Removed! : C:\WINDOWS\system32\tcpxw.dll
Removed! : C:\WINDOWS\system32\tdkbt.dll
Removed! : C:\WINDOWS\system32\tjcko.dat
Removed! : C:\WINDOWS\system32\tpzci.dll
Removed! : C:\WINDOWS\system32\vvxba.dll
Removed! : C:\WINDOWS\system32\wzcam.dll
Removed! : C:\WINDOWS\system32\xyvka.dll
Removed! : C:\WINDOWS\system32\ybern.dat
Removed! : C:\WINDOWS\system32\ycuve.dat
Removed! : C:\WINDOWS\system32\yefao.dat
Removed! : C:\WINDOWS\system32\ypalp.dll
Removed! : C:\WINDOWS\system32\ypyxq.dll
Removed! : C:\WINDOWS\system32\yziee.dll
Removed! : C:\WINDOWS\system32\zcwkx.dat
Removed! : C:\WINDOWS\system32\zcwkx.dll
Removed! : C:\WINDOWS\system32\zgisn.dll
Removed! : C:\WINDOWS\system32\zuipp.dll
Attempted Clean Of Temp folder.
Removed Uninstall Key (HSA)
Removed Uninstall Key (SE)
Removed Uninstall Key (SW)
Pages Reset... Done!

-- Scan 2 ---------------------------
About:Buster Version 4.0
Reference List : 16

No ADS found on system
Attempted Clean Of Temp folder.
Pages Reset... Done!


In regards to item 7:
Ran AdAware - following is the report.

Incident Status Location

Adware:Adware/Gator No disinfected C:\Program Files\Common Files\GMT
Adware:Adware/PurityScan No disinfected Windows Registry
Adware:Adware/Comet No disinfected C:\Program Files\Comet
Spyware:Spyware/Petro-Line No disinfected C:\Documents and Settings\Michelle\Favorites\Sites about\Ab scissor.url
Adware:Adware/ShowSearch No disinfected C:\Documents and Settings\Michelle\Application Data\sysns\mssearch.dll
Adware:Adware/SearchAid No disinfected C:\Documents and Settings\Michelle\Application Data\sysns\sysns.dll
Adware:Adware/Comet No disinfected C:\Program Files\Comet\Bin\comet.exe
Adware:Adware/Comet No disinfected C:\Program Files\Comet\Bin\csband.dll
Adware:Adware/Comet No disinfected C:\Program Files\Comet\Bin\csbrange.dll
Adware:Adware/Comet No disinfected C:\Program Files\Comet\Bin\csctx.dll
Adware:Adware/Comet No disinfected C:\Program Files\Comet\Bin\cseng.dll
Adware:Adware/Comet No disinfected C:\Program Files\Comet\Bin\fileutil.dll
Adware:Adware/Comet No disinfected C:\Program Files\Comet\Bin\skinui.dll
Adware:Adware/Comet No disinfected C:\Program Files\Comet\Data\csres.dat
Adware:Adware/Comet No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\18400750.asw
Adware:Adware/Comet No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\18400843.asw
Adware:Adware/Comet No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\18400937.asw
Adware:Adware/Comet No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\18401078.asw
Adware:Adware/Comet No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\18401171.asw
Adware:Adware/Comet No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\18401312.asw
Adware:Adware/Comet No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\18401390.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41645406.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41646218.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41646718.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41648265.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41648593.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41648703.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41648937.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41649093.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41649609.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41649796.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41649906.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41650125.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41650234.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41650375.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41650562.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41650687.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41650812.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41650906.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41651281.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41651468.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41651796.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41651890.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41652015.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41652218.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41652468.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41652625.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41652781.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41652968.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41653234.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41653375.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41653796.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41654015.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41654109.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41654406.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41654750.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41654921.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41655031.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41655234.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41655343.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41655453.asw
Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41655625.asw
Adware:Adware/Gator No disinfected C:\Program Files\Common Files\GMT\GMT.exe
Adware:Adware/SearchSquire No disinfected C:\SearchInstall.exe
Adware:Adware/SearchAid No disinfected C:\WINDOWS\bjshpq.dat
Adware:Adware/MediaTickets No disinfected C:\WINDOWS\Downloaded Program Files\MediaTicketsInstaller.INF
Adware:Adware/StartPage.BK No disinfected C:\WINDOWS\dvhit.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\iailsd.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\jxaqhb.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\mfcec.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\mszg.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_atuuuj.dat
Virus:Trj/Agent.DW Disinfected C:\WINDOWS\n_bkovig.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_bnydwe.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_bysldl.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_durnnw.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_elnlcw.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_huyfmw.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_hxrdsh.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_isioas.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_kkrzht.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_lcqrzq.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_lludbq.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_lrusxv.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_mmeujo.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_ncchdp.dat
Virus:Trj/Agent.DW Disinfected C:\WINDOWS\n_nydgyf.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_okgyzc.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_puxyxe.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_qidbnw.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_rqjeuv.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_todtva.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_ugndvl.dat
Virus:Trj/Agent.DW Disinfected C:\WINDOWS\n_uolmdc.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_vrxvyg.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_wdnilk.dat
Virus:Trj/Agent.DW Disinfected C:\WINDOWS\n_xuvvtb.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_xuwtob.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_zhlkis.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_zhwxve.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_zmhwse.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\olqdv.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\pnzikd.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\qlmtgi.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\qrank.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\atlny.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\cczib.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\crcq.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\crjo.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\gypkt.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\olnoc.dll
Adware:Adware/StartPage.BK No disinfected C:\WINDOWS\system32\orrom.dll
Adware:Adware/StartPage.BK No disinfected C:\WINDOWS\system32\pihlr.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\sdkly32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\seava.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\sysot.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\sysve.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\tycpei.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\vjsium.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\xvohvk.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\xxoncn.dat

In Regards to item 8:
Completed

In regards to item 9:
Completed

In regards to item 10:
Completed

In regards to item 11:
Completed

In regards to item 12:
Completed - Restored Original Hosts

I ran the "Housecall" - Following is the report.
This report took a very long time to run. Not sure what happened, it said it finished but no report was generated. Sorry I will run it again and post tomorrow.

Following is my Hijack This report.

Logfile of HijackThis v1.99.1
Scan saved at 7:11:48 PM, on 3/20/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\LTSMMSG.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\McAfee\QuickClean\PlgUni.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\Program Files\802.11 Wireless LAN\WlanMonitor.exe
C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\tmojr.dll/sp.html#10213
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\tmojr.dll/sp.html#10213
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\tmojr.dll/sp.html#10213
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\tmojr.dll/sp.html#10213
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\tmojr.dll/sp.html#10213
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: (no name) - {43394E3B-594F-6045-2791-CA03BE086EAA} - C:\WINDOWS\system32\apirg32.dll (file missing)
O2 - BHO: (no name) - {79C03BC5-6C55-4B5B-921F-C02B6F1ABD7B} - (no file)
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\bin\tgcmd.exe /server
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [ZingSpooler] C:\Program Files\Common Files\Zing\ZingSpooler.exe
O4 - HKLM\..\Run: [DNS7reminder] "D:\Program Files\ScanSoft\NaturallySpeaking\Program\Ereg.exe" -r "D:\Program Files\ScanSoft\NaturallySpeaking\Program\ereg.ini"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [Imonitor] "C:\Program Files\McAfee\QuickClean\PlgUni.exe" /START
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [StopSignStatus] Rundll32.exe "C:\Program Files\Common Files\eAcceleration\Installer\stopsinfo.dll",VerifyStatus
O4 - HKLM\..\Run: [webscan] C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe -k
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [StopSignStatus] Rundll32.exe "C:\Program Files\Common Files\eAcceleration\Installer\stopsinfo.dll",VerifyStatus /ro
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - HKCU\..\Run: [\Pribi.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pribi\Pribi.exe
O4 - HKCU\..\Run: [Steam] d:\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [Spyware Begone] C:\freescan\freescan.exe -FastScan
O4 - HKCU\..\Run: [Spyware Vanisher] c:\spywarevanisher-free\FreeScanner.exe -FastScan
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Startup: UD Agent.lnk = C:\Program Files\United Devices\UD.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0b\aoltray.exe
O4 - Global Startup: Configuration & Monitor Utility.lnk = ?
O4 - Global Startup: Forget Me Not.lnk = C:\Program Files\Broderbund\AG CreataCard\AGRemind.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
O4 - Global Startup: Voice Alarm.lnk = D:\Program Files\LHSP\Now You're Talking Classic\VAlarm.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Boxtop - file://C:\Program Files\BoxTopsShoppingReminder\System\Temp\boxtopgmills_script0.htm
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Cosmi Popup Blocker - {4B3520B0-D518-4443-BA9E-2D4CE7F773C5} - D:\Program Files\Cosmi\Pop Up Ad Blocker\PopupBlock.exe
O9 - Extra 'Tools' menuitem: Cosmi Popup Blocker - {4B3520B0-D518-4443-BA9E-2D4CE7F773C5} - D:\Program Files\Cosmi\Pop Up Ad Blocker\PopupBlock.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Boxtop - {629C5DAA-BABC-4d44-983D-97AFF415621C} - file://C:\Program Files\BoxTopsShoppingReminder\System\Temp\boxtopgmills_script0.htm (file missing) (HKCU)
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: Yahoo! Dominoes - http://download.game...ts/y/dot8_x.cab
O16 - DPF: Yahoo! Fleet - http://download.game...s/y/fltt3_x.cab
O16 - DPF: Yahoo! Hearts - http://download.game...nts/y/ht1_x.cab
O16 - DPF: {2C38A62E-D257-40E8-8BB7-5624E38FEB0A} - http://enter.biz.ly/tiffany/webcam.exe
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1088956135375
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {79C03BC5-6C55-4B5B-921F-C02B6F1ABD7B} - http://404.x-share.com/vvv/Pribi.exe
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensave.../sinstaller.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf...370/mcfscan.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://moviefone.kon...ry/main/kdx.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (Application) (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (Application) (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (Application) (VAIOMediaPlatform-PhotoServer-AppServer) - Unknown owner - C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Thank you for all of your help.

[Dr. Fate]

Sorry for missing a day I am pretty sick, but I knew I had to get this done.
Thank you very much for your help.
Here is what I have.

Items #1 and 3...
Could not find "Skip this Part"

Item # 4
Completed task

Item # 5
Completed task

Item # 6
Completed task - Report follows

Item # 7
Completed task

Item # 8
Completed task

Item # 9
Completed task

Item # 10
Completed task

Item # 11
Completed task

Item # 13
Completed task

Following is the two reports that you requested (Hijack This and About Buster)

Scanned at: 2:04:19 PM on: 3/20/2005


-- Scan 1 ---------------------------
About:Buster Version 4.0
Reference List : 16

No ADS found on system
Removed 4 Random Key Entries
Removed! : C:\WINDOWS\n_dqvxzt.dat
Removed! : C:\WINDOWS\n_drzktt.dat
Removed! : C:\WINDOWS\n_pieora.dat
Removed! : C:\WINDOWS\n_qmhivv.dat
Removed! : C:\WINDOWS\n_qotbfo.dat
Removed! : C:\WINDOWS\obniwb.dat
Removed! : C:\WINDOWS\phbnh.dll
Removed! : C:\WINDOWS\pnpzj.dat
Removed! : C:\WINDOWS\pusna.dat
Removed! : C:\WINDOWS\pvbre.dll
Removed! : C:\WINDOWS\pxplx.dat
Removed! : C:\WINDOWS\pxplx.dll
Removed! : C:\WINDOWS\pzvti.dat
Removed! : C:\WINDOWS\qlnmq.dat
Removed! : C:\WINDOWS\qzrmzw.dat
Removed! : C:\WINDOWS\rbdig.dll
Removed! : C:\WINDOWS\rfcztc.dat
Removed! : C:\WINDOWS\rmntp.dat
Removed! : C:\WINDOWS\rpqmf.dat
Removed! : C:\WINDOWS\rriot.dat
Removed! : C:\WINDOWS\rthlc.dat
Removed! : C:\WINDOWS\rwbnzt.dat
Removed! : C:\WINDOWS\scqxl.dat
Removed! : C:\WINDOWS\sguis.dat
Removed! : C:\WINDOWS\SiSUSBrg.exe
Removed! : C:\WINDOWS\smaql.dat
Removed! : C:\WINDOWS\sutbyd.dat
Removed! : C:\WINDOWS\tnaty.dll
Removed! : C:\WINDOWS\tofbz.dat
Removed! : C:\WINDOWS\uajws.dat
Removed! : C:\WINDOWS\ubfbvy.dat
Removed! : C:\WINDOWS\ucpmz.dat
Removed! : C:\WINDOWS\ucsyp.dat
Removed! : C:\WINDOWS\ukzxr.dll
Removed! : C:\WINDOWS\uoevg.dat
Removed! : C:\WINDOWS\upihx.dll
Removed! : C:\WINDOWS\vhqdjt.dat
Removed! : C:\WINDOWS\vmdwj.dat
Removed! : C:\WINDOWS\wkcud.dat
Removed! : C:\WINDOWS\xkpea.dat
Removed! : C:\WINDOWS\xpbrjo.dat
Removed! : C:\WINDOWS\xvohv.dll
Removed! : C:\WINDOWS\xwmed.dat
Removed! : C:\WINDOWS\ydqqk.dll
Removed! : C:\WINDOWS\ynuqq.dll
Removed! : C:\WINDOWS\yvnlpw.dat
Removed! : C:\WINDOWS\yzmnc.dat
Removed! : C:\WINDOWS\zqdql.dll
Removed! : C:\WINDOWS\system32\agbdt.dll
Removed! : C:\WINDOWS\system32\atlpo.dll
Removed! : C:\WINDOWS\system32\baafy.dat
Removed! : C:\WINDOWS\system32\byuyu.dat
Removed! : C:\WINDOWS\system32\cczib.dat
Removed! : C:\WINDOWS\system32\clezo.dat
Removed! : C:\WINDOWS\system32\crju32.dll
Removed! : C:\WINDOWS\system32\d3bj.dll
Removed! : C:\WINDOWS\system32\d3xc32.dll
Removed! : C:\WINDOWS\system32\darnm.dat
Removed! : C:\WINDOWS\system32\darnm.dll
Removed! : C:\WINDOWS\system32\dawzs.dat
Removed! : C:\WINDOWS\system32\dbrgg.dat
Removed! : C:\WINDOWS\system32\dllbl.dat
Removed! : C:\WINDOWS\system32\dllbl.dll
Removed! : C:\WINDOWS\system32\dmzev.dll
Removed! : C:\WINDOWS\system32\dorod.dat
Removed! : C:\WINDOWS\system32\easdi.dat
Removed! : C:\WINDOWS\system32\emwiq.dat
Removed! : C:\WINDOWS\system32\fpgcm.dat
Removed! : C:\WINDOWS\system32\fvvua.dll
Removed! : C:\WINDOWS\system32\fwmxp.dat
Removed! : C:\WINDOWS\system32\gfdpt.dll
Removed! : C:\WINDOWS\system32\gtcyl.dat
Removed! : C:\WINDOWS\system32\gxnzb.dat
Removed! : C:\WINDOWS\system32\higvo.dat
Removed! : C:\WINDOWS\system32\hphlt.dat
Removed! : C:\WINDOWS\system32\ihydn.dat
Removed! : C:\WINDOWS\system32\jeksu.dat
Removed! : C:\WINDOWS\system32\jkavk.dat
Removed! : C:\WINDOWS\system32\jqbfy.dat
Removed! : C:\WINDOWS\system32\jqfwv.dat
Removed! : C:\WINDOWS\system32\jujto.dll
Removed! : C:\WINDOWS\system32\kavgi.dll
Removed! : C:\WINDOWS\system32\kibdm.dll
Removed! : C:\WINDOWS\system32\kvhgj.dat
Removed! : C:\WINDOWS\system32\kvqgl.dat
Removed! : C:\WINDOWS\system32\mmdiv.dat
Removed! : C:\WINDOWS\system32\ndxuk.dat
Removed! : C:\WINDOWS\system32\netce.dll
Removed! : C:\WINDOWS\system32\nmcvc.dll
Removed! : C:\WINDOWS\system32\nrnck.dat
Removed! : C:\WINDOWS\system32\nrnck.dll
Removed! : C:\WINDOWS\system32\nslbs.dat
Removed! : C:\WINDOWS\system32\nvwos.dat
Removed! : C:\WINDOWS\system32\nvwos.dll
Removed! : C:\WINDOWS\system32\ocuoz.dll
Removed! : C:\WINDOWS\system32\odusf.dll
Removed! : C:\WINDOWS\system32\okwpt.dat
Removed! : C:\WINDOWS\system32\omjin.dat
Removed! : C:\WINDOWS\system32\opwsw.dat
Removed! : C:\WINDOWS\system32\oqcun.dll
Removed! : C:\WINDOWS\system32\pauqe.dat
Removed! : C:\WINDOWS\system32\pimkz.dat
Removed! : C:\WINDOWS\system32\qiyov.dat
Removed! : C:\WINDOWS\system32\qyhvw.dll
Removed! : C:\WINDOWS\system32\rwdta.dat
Removed! : C:\WINDOWS\system32\rwdta.dll
Removed! : C:\WINDOWS\system32\rwsgb.dll
Removed! : C:\WINDOWS\system32\stcpx.dat
Removed! : C:\WINDOWS\system32\tcpxw.dll
Removed! : C:\WINDOWS\system32\tdkbt.dll
Removed! : C:\WINDOWS\system32\tjcko.dat
Removed! : C:\WINDOWS\system32\tpzci.dll
Removed! : C:\WINDOWS\system32\vvxba.dll
Removed! : C:\WINDOWS\system32\wzcam.dll
Removed! : C:\WINDOWS\system32\xyvka.dll
Removed! : C:\WINDOWS\system32\ybern.dat
Removed! : C:\WINDOWS\system32\ycuve.dat
Removed! : C:\WINDOWS\system32\yefao.dat
Removed! : C:\WINDOWS\system32\ypalp.dll
Removed! : C:\WINDOWS\system32\ypyxq.dll
Removed! : C:\WINDOWS\system32\yziee.dll
Removed! : C:\WINDOWS\system32\zcwkx.dat
Removed! : C:\WINDOWS\system32\zcwkx.dll
Removed! : C:\WINDOWS\system32\zgisn.dll
Removed! : C:\WINDOWS\system32\zuipp.dll
Attempted Clean Of Temp folder.
Removed Uninstall Key (HSA)
Removed Uninstall Key (SE)
Removed Uninstall Key (SW)
Pages Reset... Done!

-- Scan 2 ---------------------------
About:Buster Version 4.0
Reference List : 16

No ADS found on system
Attempted Clean Of Temp folder.
Pages Reset... Done!






Scanned at: 11:00:24 PM on: 3/22/2005


-- Scan 1 ---------------------------
About:Buster Version 4.0
Reference List : 16

No ADS found on system
Attempted Clean Of Temp folder.
Pages Reset... Done!

-- Scan 2 ---------------------------
About:Buster Version 4.0
Reference List : 16

No ADS found on system
Attempted Clean Of Temp folder.
Pages Reset... Done!

Logfile of HijackThis v1.99.1
Scan saved at 12:38:33 AM, on 3/23/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ezSP_Px.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\McAfee\QuickClean\PlgUni.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\802.11 Wireless LAN\WlanMonitor.exe
C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\Program Files\America Online 9.0b\waol.exe
C:\Program Files\America Online 9.0b\shellmon.exe
C:\Program Files\America Online 9.0b\aolwbspd.exe
C:\unzipped\hijackthis\HijackThis.exe

O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\bin\tgcmd.exe /server
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [DNS7reminder] "D:\Program Files\ScanSoft\NaturallySpeaking\Program\Ereg.exe" -r "D:\Program Files\ScanSoft\NaturallySpeaking\Program\ereg.ini"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [Imonitor] "C:\Program Files\McAfee\QuickClean\PlgUni.exe" /START
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [StopSignStatus] Rundll32.exe "C:\Program Files\Common Files\eAcceleration\Installer\stopsinfo.dll",VerifyStatus
O4 - HKLM\..\Run: [webscan] C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe -k
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [StopSignStatus] Rundll32.exe "C:\Program Files\Common Files\eAcceleration\Installer\stopsinfo.dll",VerifyStatus /ro
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - HKCU\..\Run: [Steam] d:\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [Spyware Begone] C:\freescan\freescan.exe -FastScan
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Startup: UD Agent.lnk = C:\Program Files\United Devices\UD.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0b\aoltray.exe
O4 - Global Startup: Configuration & Monitor Utility.lnk = ?
O4 - Global Startup: Forget Me Not.lnk = C:\Program Files\Broderbund\AG CreataCard\AGRemind.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
O4 - Global Startup: Voice Alarm.lnk = D:\Program Files\LHSP\Now You're Talking Classic\VAlarm.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Boxtop - file://C:\Program Files\BoxTopsShoppingReminder\System\Temp\boxtopgmills_script0.htm
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Cosmi Popup Blocker - {4B3520B0-D518-4443-BA9E-2D4CE7F773C5} - D:\Program Files\Cosmi\Pop Up Ad Blocker\PopupBlock.exe
O9 - Extra 'Tools' menuitem: Cosmi Popup Blocker - {4B3520B0-D518-4443-BA9E-2D4CE7F773C5} - D:\Program Files\Cosmi\Pop Up Ad Blocker\PopupBlock.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Boxtop - {629C5DAA-BABC-4d44-983D-97AFF415621C} - file://C:\Program Files\BoxTopsShoppingReminder\System\Temp\boxtopgmills_script0.htm (file missing) (HKCU)
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: Yahoo! Dominoes - http://download.game...ts/y/dot8_x.cab
O16 - DPF: Yahoo! Fleet - http://download.game...s/y/fltt3_x.cab
O16 - DPF: Yahoo! Hearts - http://download.game...nts/y/ht1_x.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1088956135375
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensave.../sinstaller.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf...370/mcfscan.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://moviefone.kon...ry/main/kdx.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{04A29ADB-FF21-4C0A-9E6C-32BB971B16DD}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{04A29ADB-FF21-4C0A-9E6C-32BB971B16DD}: NameServer = 205.188.146.145
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (Application) (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (Application) (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (Application) (VAIOMediaPlatform-PhotoServer-AppServer) - Unknown owner - C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Thank you for all of your help I truly appreciate your time and effort.