Ok, I ran the free program Housecall and found 12 infected files that couldn't be repaired so I deleated them. I restarted my computer and ran Hijackthis and this is what I got.....
Logfile of HijackThis v1.99.1
Scan saved at 10:28:48 PM, on 5/30/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe
C:\WINDOWS\System32\bidispl8.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ATPartne.exe
C:\WINDOWS\system32\nsvsvc\nsvsvc.exe
C:\Program Files\Softwin\BitDefender Free Edition\bdmcon.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\NetRatingsNetmeter\NetMeter\NielsenOnline.exe
c:\windows\system32\gvnmsc.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Hewlett-Packard\AiO\hp psc 700
series\Bin\hpobrt07.exe
C:\Program Files\compaq\Compaq Advisor\bin\compaq-rba.exe
C:\WINDOWS\system32\msCMTSrvc.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\DC Series 1\Console\Watch.exe
C:\Program Files\Palm\HOTSYNC.EXE
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender
Communicator\xcommsvr.exe
C:\WINDOWS\system32\hpoipm07.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan
Server\bdss.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\FYI\lqgjcqmcso.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\PeDevice\PeDev.exe
C:\Documents and Settings\Laurie Entwistle\Local Settings\Temporary
Internet Files\Content.IE5\2L3O1ORA\HijackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) =
www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://websearch.drs...esearch.cgi?id=R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://websearch.drs...esearch.cgi?id=R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
http://store.presari...edir2.dll?s=consumerfav&c=2c02&lc=0409
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
http://red.clientapp.../ymsgr6/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://websearch.drs...esearch.cgi?id=R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://websearch.drs...esearch.cgi?id=R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://store.presari...edir2.dll?s=consumerfav&c=1c02&lc=0409
R1 - HKCU\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
http://search.scourw...srch1&look=stmpl1&kw=
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
http://websearch.drs...esearch.cgi?id=R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,CustomizeSearch =
http://websearch.drs...esearch.cgi?id=R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default)
= websearch.drsnsrch.com/q.cgi?q=
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default)
=
http://search.scourw...srch1&look=stmpl1&kw=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title =
Microsoft Internet Explorer provided by Compaq
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = sas.ne2.attbb.net:8000
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = *.ne2.attbb.net
R3 - URLSearchHook: URLSearchHook Class -
{37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program
Files\NZSearch\SearchEnh1.dll
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E}
- C:\WINDOWS\systb.dll
O2 - BHO: (no name) - {3800A614-7B61-A148-69B4-F81218ED150A} -
(no file)
O2 - BHO: (no name) - {A8445832-5275-54C0-77A5-6099A8184DAA} -
C:\Program Files\CDM\ywphekmqjp.dll
O2 - BHO: (no name) - {D80C4E21-C346-4E21-8E64-20746AA20AEB}
- (no file)
O2 - BHO: PEDEV_IEListener Class -
{E1412445-4FF8-410e-8D24-F2CF86B171A4} - C:\Program
Files\PeDevice\PeDev.dll
O2 - BHO: WebBar Class -
{EE392A64-F30B-47C8-A363-CDA1CEC7DC1B} -
C:\PROGRA~1\APPLIE~1\Bar.dll
O3 - Toolbar: (no name) -
{BDF6CE3D-F5C5-4462-9814-3C8EAC330CA8} - (no file)
O3 - Toolbar: (no name) -
{2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds]
C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS
Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program
Files\COMPAQ\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy
Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [NAV Agent]
c:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program
Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [DDCActiveMenu] "C:\Program
Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -boot
O4 - HKLM\..\Run: [DDCM] "C:\Program
Files\WildTangent\DDC\DDCManager\DDCMan.exe" -Background
O4 - HKLM\..\Run: [DXM6Patch_981116]
C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [LVCOMS] C:\WINDOWS\System32\LVCOMS.EXE
O4 - HKLM\..\Run: [70ce1531a265]
C:\WINDOWS\System32\bidispl8.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [New.net Startup] rundll32
C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
-startup
O4 - HKLM\..\Run: [c1c12136e75f]
C:\WINDOWS\system32\ATPartne.exe
O4 - HKLM\..\Run: [Nsv] C:\WINDOWS\system32\nsvsvc\nsvsvc.exe
O4 - HKLM\..\Run: [UserFaultCheck]
%systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [navapp] C:\Program
Files\NavExcel\NavHelper\v2.0.4d\navapp.exe
O4 - HKLM\..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender
Free Edition\\bdmcon.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Program
Files\Softwin\BitDefender Free Edition\\bdnagent.exe
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
O4 - HKLM\..\Run: [NetMeter] C:\Program
Files\NetRatingsNetmeter\NetMeter\NielsenOnline.exe
O4 - HKLM\..\Run: [checkrun] C:\windows\system32\eliteyfg32.exe
O4 - HKLM\..\Run: [fxezip] c:\windows\system32\gvnmsc.exe
O4 - HKLM\..\RunOnce: [Compaq_RBA] C:\Program
Files\compaq\Compaq Advisor\bin\compaq-rba.exe -z
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program
Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\NZSearch\hcm.exe" -w
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - Startup: HotSync Manager.lnk = C:\Program
Files\Palm\HOTSYNC.EXE
O4 - Global Startup: HPAiODevice(hp psc 700 series) - 1.lnk =
C:\Program Files\Hewlett-Packard\AiO\hp psc 700
series\Bin\hpobrt07.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office10\OSA.EXE
O4 - Global Startup: updater.lnk = C:\Program Files\Common
Files\updater\wupdater.exe
O4 - Global Startup: Watch.lnk = C:\Program Files\DC Series
1\Console\Watch.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program
Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program
Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: SirSearch - file://C:\Program
Files\PWRSDP1\Cache\SelectedContextSearch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program
Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program
Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Messenger -
{4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program
Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
{4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program
Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra button: MoneySide -
{E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program
Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra button: Ebates -
{6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program
Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file
missing) (HKCU)
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O12 - Plugin for .mp3: C:\Program Files\Internet
Explorer\PLUGINS\npqtplugin4.dll
O12 - Plugin for .mpg: C:\Program Files\Internet
Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .spop: C:\Program Files\Internet
Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .wav: C:\Program Files\Internet
Explorer\PLUGINS\npqtplugin2.dll
O14 - IERESET.INF:
START_PAGE_URL=http://store.presario.net/scripts/redirectors/presario
/storeredir2.dll?s=consumerfav&c=2c02&lc=0409
O16 - DPF: Yahoo! Blackjack -
http://download.game...nts/y/jt0_x.cabO16 - DPF: Yahoo! Checkers -
http://download.game...nts/y/kt3_x.cabO16 - DPF: Yahoo! Gin -
http://download.game...nts/y/nt1_x.cabO16 - DPF: Yahoo! Klondike Solitaire -
http://yog55.games.s...og/y/ks12_x.cabO16 - DPF: Yahoo! Pool 2 -
http://download.game...ts/y/pote_x.cabO16 - DPF: Yahoo! Spades -
http://download.game...nts/y/st2_x.cabO16 - DPF: {09C6CAC0-936E-40A0-BC26-707480103DC3} (shizmoo
Class) -
http://www.uproar.co...pside_web18.cabO16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX
ActiveX Control) -
http://www.ipix.com/viewers/ipixx.cabO16 - DPF: {17163BB4-107E-11D4-9B76-006097DF2317} (EABootStrap
Class) -
http://www.ea.com/do...trap/iegils.cabO16 - DPF: {2C38A62E-D257-40E8-8BB7-5624E38FEB0A} -
http://www.angelfire...effy/steffy.cabO16 - DPF: {2F5B39C5-C6F5-447A-A946-48B382C53985} -
http://www.pacimedia...ll/pcs_0025.exeO16 - DPF: {47CD99DF-8BCF-4B9B-94EF-02E51B2F79DA} -
http://www.alwaysupd...ll/aun_0019.exeO16 - DPF: {4C226336-4032-489F-9674-67E74225979B} (OTXMovie
Class) -
http://otx.ifilm.com...ia/OTXMedia.dllO16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE
Class) -
http://software-dl.r...zip/RdxIE601.cab
O16 - DPF: {5BC27861-314A-11D6-996D-00E018981B9E} (New.net
Auto-search Control) -
http://www.new.net/q...rch/srchctl.cabO16 - DPF: {5F3B3060-09E0-44C6-86F7-BC7B02B57BEE} -
http://downloads.sho...tall_godspeed1003.cab
O16 - DPF: {6FDB0065-2787-11D6-B1D8-0001023916FC}
(CLOActiveXInstaller Control) -
http://www.igl.net/c...tallerProj1.cabO16 - DPF: {731918D2-517A-47E2-886A-3BC1380C591D} (PdpPlg
Class) -
http://webpdp.gator....094_hd3ptdm.cabO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall
Control) -
http://a840.g.akamai...ll.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {89D75D39-5531-47BA-9E4F-B346BA9C362C}
(CWDL_DownLoadControl Class) -
http://www.callwave....DL_DownLoad.CABO16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613}
(NMInstall Control) -
http://a14.g.akamai....anel.com/netmeter4_6/NetMeter_preinstaller_activex_en_4.60.38.0_MEGAPANEL_USA
.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie
Control) -
http://a19.g.akamai....m/v3123/cpbrkpie.cab
O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} (WebCam
Control) -
http://webcamnow.com...tiveXWebCam.cabO16 - DPF: {B4831DED-3A57-4CC6-9E4B-0E7C5B08DBF4} -
http://www.alwaysupd...ll/aun_0027.exeO16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook
Class) -
http://us.dl1.yimg.c.../suite/yautocomplete.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown
Installer ActiveX Control) -
http://download.toon...3.20/ttinst.cabO16 - DPF: {C0B285F6-DB2B-4908-9C58-F6D95397D747} -
http://www.pacimedia...ll/pcs_0025.exeO16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479}
(EPSImageControl Class) -
http://tools.ebayimg...ol_v1-0-3-0.cabO16 - DPF: {EC51659D-721F-4CBF-9CEA-5E776D89CEA9} -
http://www.pacimedia...ll/pcs_0025.exeO16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo!
Toolbar) -
http://us.dl1.yimg.c...r/yiebio5_1_2_0.
cab
O20 - Winlogon Notify: igfxcui -
C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner -
C:\Program Files\Common Files\Softwin\BitDefender Scan
Server\bdss.exe" /service (file missing)
O23 - Service: Compaq Advisor (Compaq_RBA) - NeoPlanet -
C:\Program Files\compaq\Compaq Advisor\bin\compaq-rba.exe
O23 - Service: Content Monitoring Tool (msCMTSrvc) - Unknown
owner - C:\WINDOWS\system32\msCMTSrvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) -
Symantec Corporation - c:\Program Files\Norton
AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec
Corporation -
C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner -
C:\WINDOWS\svcproc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown
owner - C:\Program Files\Common Files\Softwin\BitDefender
Communicator\xcommsvr.exe" /service (file missing)