R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
-------
Here is the fresh hijackthis log
-------
Logfile of HijackThis v1.99.1
Scan saved at 10:23:16 PM, on 8/13/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CleanUp!\Cleanup.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\unzipped\hijackthis\HijackThis.exe
C:\WINDOWS\notepad.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: (no name) - {75EADD2C-263D-432F-B554-4C4421866062} - (no file)
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser MOUSE\mouse32a.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O9 - Extra button: Wild Jack Poker - {17709D14-4A02-42c6-B9FA-18C90A851F51} - C:\Program Files\wildjackMPP\MPPoker.exe
O9 - Extra button: Poker.com - {6FDD5236-C9F0-49ef-935D-385F5E21991A} - C:\Program Files\Poker.com\poker.exe
O9 - Extra button: CDpoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Program Files\CDpoker\casino.exe
O9 - Extra 'Tools' menuitem: CDpoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Program Files\CDpoker\casino.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\earthlinkim\aim.exe
O9 - Extra button: bet365 Poker - {B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD} - C:\Program Files\bet365MPP\MPPoker.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\GameClient.exe
O9 - Extra button: Royal Vegas Poker - {FA4904B4-1FAF-4afd-886C-C19D2297BA62} - C:\Program Files\royalvegasMPP\MPPoker.exe
O9 - Extra button: POKER - {FB389F33-303A-4490-9E18-B301A493FBF2} - C:\Program Files\PokermMPP\MPPoker.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplane...DC_1_0_0_44.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1096169702640
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft...free/asinst.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - http://us.dl1.yimg.c.../ymmapi_416.dll
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} - http://www.stopzilla...ller/dwnldr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4DF65C0F-7292-4D21-8937-D46BD8F1A1E7}: NameServer = 206.141.192.60 206.141.193.55
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
-------
AboutBuster 5.0 reference file 31
Scan started on [8/13/2005] at [9:48:56 PM]
------------------------------------------------
No Ads Found!
------------------------------------------------
No Files Found!
------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 9:49:32 PM
--------
------
(8/13/05 9:49:57 PM) SPSeHjFix started v1.1.2
(8/13/05 9:49:57 PM) OS: WinXP Service Pack 2 (5.1.2600)
(8/13/05 9:49:57 PM) Language: english
(8/13/05 9:49:57 PM) Win-Path: C:\WINDOWS
(8/13/05 9:49:57 PM) System-Path: C:\WINDOWS\system32
(8/13/05 9:49:57 PM) Temp-Path: C:\DOCUME~1\Owner\LOCALS~1\Temp\
(8/13/05 9:49:58 PM) Disinfection started
(8/13/05 9:49:58 PM) Bad-Dll(IEP): (not found)
(8/13/05 9:49:58 PM) Bad-Dll(IEP) in BHO: (not found)
(8/13/05 9:49:58 PM) Searchassistant Uninstaller found: Error
(8/13/05 9:49:58 PM) Searchassistant Uninstaller - Keys Deleted
(8/13/05 9:49:58 PM) UBF: 7 - UBB: 0 - UBR: 2
(8/13/05 9:49:58 PM) UBF: 7 - UBB: 0 - UBR: 2
(8/13/05 9:49:58 PM) Bad IE-pages:
deleted: HKCU\Software\Microsoft\Internet Explorer\Main, Start Page: about:blank
------------