greg
Here is my hijack this log:
Logfile of HijackThis v1.99.1
Scan saved at 5:31:19 AM, on 9/1/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\Explorer.EXE
D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
D:\Documents and Settings\Administrator\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=54729
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....cid={SUB_CLCID}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://update.micros...microsoftupdate
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - D:\Program Files\SurfSideKick 3\SskBho.dll
F2 - REG:system.ini: Shell=Explorer.exe, D:\WINDOWS\system32\jagbu.exe
F2 - REG:system.ini: UserInit=userinit.exe,uumffhd.exe
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469F-83B8-BD2AE6D9FA2E} - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-83B8-BD2AE6D9FA2E} - (no file)
O4 - HKLM\..\Run: [SurfSideKick 3] D:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [{BE-ED-D2-2F-ZN}] D:\windows\system32\osdsregn.exe GEN001
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [win3206607752610] D:\WINDOWS\win3206607752610.exe
O4 - HKLM\..\Run: [THGuard] "D:\TrojanHunter 4.5\THGuard.exe"
O4 - HKLM\..\Run: [TheMonitor] D:\WINDOWS\Duce6.exe
O4 - HKLM\..\Run: [sys09752610607] D:\WINDOWS\sys09752610607.exe
O4 - HKLM\..\Run: [sys03610607752] D:\WINDOWS\sys03610607752.exe
O4 - HKLM\..\Run: [sys01526106077] D:\WINDOWS\sys01526106077.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RelevantKnowledge] d:\windows\system32\rlvknlg.exe -boot
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [qgu8ca09] RUNDLL32.EXE w010e0fb.dll,n 0038ca0600000003010e0fb
O4 - HKLM\..\Run: [pop06apelt] D:\WINDOWS\thiselt.exe
O4 - HKLM\..\Run: [outlook] D:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ms05060775261] D:\WINDOWS\ms05060775261.exe
O4 - HKLM\..\Run: [ms04106077526] D:\WINDOWS\ms04106077526.exe
O4 - HKLM\..\Run: [loaddr] C:\topaff.exe
O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_15.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [FQQERQ] "D:\WINDOWS\system32\kcnzrop6.exe"
O4 - HKLM\..\Run: [defender] c:\\dfndrff_15.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [avkujpwA] D:\WINDOWS\avkujpwA.exe
O4 - HKLM\..\Run: [ACTX1] D:\WINDOWS\v1201.exe
O4 - HKCU\..\Run: [SurfSideKick 3] D:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1150950693046
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: repairs303169590.dll
O20 - Winlogon Notify: Applets - D:\WINDOWS\system32\o8ro0i93e8.dll
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe