You and the rest of the staff really provide a terrific service! I made two donations to Geeks to Go - through PayPal and Amazon - but I don't think I'll get a Donor icon by my name because for each of those sites I use a different email address from my primary email address, which I registered on this forum. (Same personal domain name, but different aliases to minimize the chance of getting on spam lists.)
I did everything you told me to do ... and removed most of the optional 04- entries you suggested. I set up and ran Ad-Aware per your instructions, although some of your Advanced and Scanning Engine options didn't exactly match up with those in Ad-Aware. (I assume maybe they changed a few options in the latest version?) But I did the best I could, and removed everything it found. Then I rebooted, and below is a fresh HJT log.
I'll wait and see if I get any more popups. Sometimes it takes a day or so. I'm keeping my fingers crossed! Thanks again.
Logfile of HijackThis v1.98.2
Scan saved at 4:29:40 PM, on 12/15/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\WINNT\System32\CTsvcCDA.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\Navnt\navapsvc.exe
C:\PROGRA~1\Navnt\npssvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\devldr32.exe
C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
C:\PROGRA~1\Navnt\alertsvc.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Dell\Solution Center\service.exe
C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\Program Files\Netropa\Multimedia Keyboard\mmusbkb2.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
C:\Program Files\Navnt\POPROXY.EXE
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\Program Files\Netropa\Onscreen Display\OSD.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Hewlett-Packard\hp psc 700 series\bin\hpodev07.exe
C:\Program Files\Navnt\NAVAPW32.EXE
C:\Program Files\Palm\HOTSYNC.EXE
C:\Program Files\Microsoft Office\Office\1033\msoffice.exe
C:\Program Files\Microsoft Office\Office\1033\msoffice.exe
C:\PROGRA~1\HEWLET~1\HPPSC7~1\bin\hpoevm07.exe
C:\WINNT\system32\hpoipm07.exe
C:\Program Files\Hewlett-Packard\hp psc 700 series\bin\HPOSTS07.exe
C:\Downloads\Hijack This\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [DellSC] C:\Program Files\Dell\Solution Center\service.exe
O4 - HKLM\..\Run: [CreateCD50] "C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [Speed racer] C:\Program Files\Creative\PlayCenter\CTSRReg.exe
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [NPS Event Checker] C:\PROGRA~1\Navnt\npscheck.exe
O4 - HKLM\..\Run: [NAV DefAlert] C:\PROGRA~1\Navnt\defalert.exe
O4 - HKLM\..\Run: [Norton eMail Protect] C:\Program Files\Navnt\POPROXY.EXE
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: HPAiODevice.lnk = C:\Program Files\Hewlett-Packard\hp psc 700 series\bin\hpodev07.exe
O4 - Global Startup: Microsoft Office Shortcut Bar.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Norton AntiVirus AutoProtect.lnk = C:\Program Files\Navnt\NAVAPW32.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll