Okay finally done it!! here you go:
StartupList report, 05/20/2005, 16:58:29
StartupList version: 1.52.2
Started from : C:\Documents and Settings\msiz\Desktop\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
==================================================
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Office mouse\1.1\moffice.exe
C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Office mouse\1.1\MOUSE32A.DAT
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\blueyonder IST\bin\mpbtn.exe
C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\PROGRA~1\Mailinfo\Mailinfo.exe
C:\Program Files\Yahoo!\Messenger\YPager.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-gb\msnappau.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\msiz\Desktop\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
blueyonder Instant Support Tool.lnk = C:\Program Files\blueyonder IST\bin\matcli.exe
Digimax Viewer 2.1.lnk = ?
EPSON CardMonitor.lnk = C:\Program Files\EPSON\EPSON CardMonitor\EPSON CardMonitor1.1.exe
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINNT\system32\Userinit.exe
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Synchronization Manager = mobsync.exe /logon
FLMOFFICE4DMOUSE = C:\Program Files\Office mouse\1.1\moffice.exe
EPSON Stylus C42 Series = C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
gcasServ = "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
CorelDRAW Graphics Suite 11b = C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=052205 serial=DR12WEX-1504397-KTY lang=EN
ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
Symantec NetDriver Monitor = C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
NeroFilterCheck = C:\WINNT\system32\NeroCheck.exe
WinampAgent = C:\Program Files\Winamp\winampa.exe
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Yahoo! Pager = C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
--------------------------------------------------
Shell & screensaver key from C:\WINNT\SYSTEM.INI:
Shell=
SCRNSAVE.EXE=C:\WINNT\System32\KYLIE-~1.SCR
drivers=
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=none
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll - {02478D38-C3F9-4efb-9B51-7695ECA05670}
(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\Program Files\Panicware\Pop-Up Stopper\CCHelper.dll - {0CF0B8EE-6596-11D5-A98E-0003470BB48E}
(no name) - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - (no file) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}
(no name) - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll - {9394EDE7-C8B5-483E-8773-474BF36AF6E4}
Norton Internet Security - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll - {9ECB9560-04F9-4bbc-943D-298DDF1699E1}
(no name) - c:\program files\google\googletoolbar_en_2.0.111-big.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
(no name) - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\en-gb\msntb.dll - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
NAV Helper - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}
--------------------------------------------------
Enumerating Task Scheduler jobs:
Norton AntiVirus - Scan my computer - msiz.job
Symantec NetDetect.job
--------------------------------------------------
Enumerating Download Program Files:
[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINNT\Downloaded Program Files\LegitCheckControl.DLL
CODEBASE =
http://go.microsoft....738&clcid=0x409[Office Update Installation Engine]
InProcServer32 = C:\WINNT\opuc.dll
CODEBASE =
http://office.micros...ontent/opuc.cab[{9F1C11AA-197B-4942-BA54-47A8489BB47F}]
CODEBASE =
http://v4.windowsupd...8113.4619444444[MsnMessengerSetupDownloadControl Class]
InProcServer32 = C:\WINNT\Downloaded Program Files\MsnMessengerSetupDownloader.ocx
CODEBASE =
http://messenger.msn...pdownloader.cab[{B9191F79-5613-4C76-AA2A-398534BB8999}]
CODEBASE =
http://us.dl1.yimg.c...utocomplete.cab[Shockwave Flash Object]
InProcServer32 = C:\WINNT\System32\Macromed\Flash\FLASH.OCX
CODEBASE =
http://download.macr...ash/swflash.cab--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
WebCheck: C:\WINNT\System32\webcheck.dll
SysTray: C:\WINNT\System32\stobject.dll
PostBootReminder: C:\WINNT\system32\SHELL32.dll
CDBurn: C:\WINNT\system32\SHELL32.dll
--------------------------------------------------
End of report, 7,789 bytes
Report generated in 0.150 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only