I would just like a second opinion on this
Logfile of HijackThis v1.99.1
Scan saved at 7:44:15 AM, on 9/19/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
E:\WINNT\System32\smss.exe
E:\WINNT\system32\winlogon.exe
E:\WINNT\system32\services.exe
E:\WINNT\system32\lsass.exe
E:\WINNT\system32\Ati2evxx.exe
E:\WINNT\system32\svchost.exe
E:\WINNT\system32\spoolsv.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
E:\WINNT\System32\svchost.exe
E:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
E:\WINNT\system32\MSTask.exe
E:\WINNT\System32\WBEM\WinMgmt.exe
E:\WINNT\system32\svchost.exe
E:\WINNT\system32\Ati2evxx.exe
E:\WINNT\Explorer.EXE
E:\Program Files\Common Files\Symantec Shared\SymTray.exe
E:\WINNT\system32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE
E:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
E:\Program Files\Logitech\MouseWare\system\em_exec.exe
E:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe
C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe
E:\WINNT\vsnpstd.exe
D:\Program Files\iolo\System Mechanic 5\PopupStopper.exe
E:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\Program Files\Outlook Express\msimn.exe
E:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\WINNT\system32\mdm.exe
C:\utilities\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: Cas - {B5F3970B-745E-46AC-B890-E08F69777D80} - E:\WINNT\system32\ca2.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "E:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] E:\Program Files\Common Files\Symantec Shared\SymTray.exe SetReg
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] E:\WINNT\system32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [SSC_UserPrompt] E:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SBDrvDet] E:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] E:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [NeroCheck] E:\WINNT\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] E:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] E:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "E:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MessengerPlus3] "E:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe"
O4 - HKLM\..\Run: [snpstd] E:\WINNT\vsnpstd.exe
O4 - HKLM\..\RunOnce: [SymTray - Norton SystemWorks] E:\Program Files\Common Files\Symantec Shared\Symtrdr.exe
O4 - HKCU\..\Run: [System Mechanic Popup Stopper] "D:\Program Files\iolo\System Mechanic 5\PopupStopper.exe"
O4 - Global Startup: Acrobat Assistant.lnk = E:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ItsDeductible7PopUp.lnk = ItsDeductible7\ItsD7.EXE
O8 - Extra context menu item: Download with GetRight - E:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - E:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Popup Stopper - Add to Black List - G:\Program Files\iolo\System Mechanic 5\AddToPSBlackList.htm
O8 - Extra context menu item: Popup Stopper - Add to White List - G:\Program Files\iolo\System Mechanic 5\AddToPSWhiteList.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O16 - DPF: {00EEB16B-519A-42BD-BF5C-2E0C9AE0CD21} - http://www.racelm.co...4turbonorun.CAB
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft...free/asinst.cab
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -
O16 - DPF: {CC1E9F72-AFBE-4C67-B6E1-AB992035E562} (CFM2005TurboDMCrsnorun.UserControl1) - http://www.racelm.co...oDMCrsnorun.CAB
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINNT\system32\ati2sgag.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - E:\WINNT\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - E:\WINNT\System32\dmadmin.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - E:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: PACSPTISVR - Sony Corporation - E:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Speed Disk service - Symantec Corporation - E:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - E:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - E:\WINNT\system32\ZoneLabs\vsmon.exe