Hi
I have very much spyware on my computer. I had problems to any sites on IE, but after using spybot/adaware and HijackThis it works better. But I still have much crap on my computer. Can anyone tell me what I can fix here?

Logfile of HijackThis v1.99.0
Scan saved at 00:38:41, on 01/07/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SVCHSST.exe
C:\WINDOWS\System32\kernelvmon.exe
C:\WINDOWS\System32\wauluclt.exe
C:\WINDOWS\System32\lsrv.exe
C:\WINDOWS\System32\MSlti16.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\no\msnappau.exe
C:\vx.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\WINDOWS\System32\svchcst.exe
C:\WINDOWS\SYSCFG16.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\System32\Sygate.exe
C:\WINDOWS\System32\svshost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
C:\WINDOWS\System32\nertilse.exe
C:\Documents and Settings\Torgrim Sollid\Application Data\awrh.exe
C:\Program Files\HighPoint\RAID Administrator\raid.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\netclnc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\ntsf.exe
C:\WINDOWS\System32\svvhost.exe
C:\PROGRA~1\ONLINE~2\ADSL\ADSL.exe
C:\Program Files\Opera75\opera.exe
C:\WINDOWS\System32\zmwwfg.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://default.home/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://default.home/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gocyberlink.com/registration/registration1.asp?SoftWare=POWERDVD&Version_Num=3.0&Cd_Key=MV96195E919DE343&Company=Sollid_Incorporated:)&FName=Torgrim_Sollid&Lang=Nor
R3 - Default URLSearchHook is missing
O2 - BHO: BTGrabObj Class - {00000000-F09C-02B4-6EC2-AD0300000000} - C:\WINDOWS\BTGrab.dll
O2 - BHO: (no name) - {33BDFD62-4482-5338-FD0D-1D943EEEDEC4} - C:\WINDOWS\System32\uga.dll
O2 - BHO: (no name) - {3F0241E2-B9F8-4088-94D6-AEEE520BF6A4} - (no file)
O2 - BHO: DOMP Class - {4C1B116F-2860-46db-8E6C-B4BFC4DFD683} - C:\WINDOWS\ietlbass32.dll
O2 - BHO: (no name) - {504C75BD-F703-4F30-B548-30A89120036A} - (no file)
O2 - BHO: WHttpHelper Class - {9896231A-C487-43A5-8369-6EC9B0A96CC0} - C:\WINDOWS\System32\WStart.dll
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [anvshell] anvshell.exe
O4 - HKLM\..\Run: [Microsoft IT Update] SVCHSST.exe
O4 - HKLM\..\Run: [Microsoft Update Emulator] kernelvmon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Firewalll] svvhost.exe
O4 - HKLM\..\Run: [System Update] wauluclt.exe
O4 - HKLM\..\Run: [Microsoft Services] lsrv.exe
O4 - HKLM\..\Run: [Microsoft AUT Update] MSlti16.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\no\msnappau.exe"
O4 - HKLM\..\Run: [VIDEOPROCESS] C:\vx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [Windows NT Service Name] svchcst.exe
O4 - HKLM\..\Run: [Windows System Configuration] C:\WINDOWS\SYSCFG16.EXE
O4 - HKLM\..\Run: [Windows DLL Loader] C:\WINDOWS\SYSCFG16.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [NTSF MICROSOFT SYSTEM] ntsf.exe
O4 - HKLM\..\Run: [Sygate Personal Firewall] Sygate.exe
O4 - HKLM\..\Run: [UPDATE MICROSOFT SYSTEM] svshost.exe
O4 - HKLM\..\Run: [hcfhdukgjc] C:\WINDOWS\System32\zmwwfg.exe
O4 - HKLM\..\RunServices: [Microsoft IT Update] SVCHSST.exe
O4 - HKLM\..\RunServices: [Microsoft Update Emulator] kernelvmon.exe
O4 - HKLM\..\RunServices: [Windows Firewalll] svvhost.exe
O4 - HKLM\..\RunServices: [System Update] wauluclt.exe
O4 - HKLM\..\RunServices: [Microsoft Services] lsrv.exe
O4 - HKLM\..\RunServices: [Microsoft AUT Update] MSlti16.exe
O4 - HKLM\..\RunServices: [Windows NT Service Name] svchcst.exe
O4 - HKLM\..\RunServices: [NTSF MICROSOFT SYSTEM] ntsf.exe
O4 - HKLM\..\RunServices: [Sygate Personal Firewall] Sygate.exe
O4 - HKLM\..\RunServices: [UPDATE MICROSOFT SYSTEM] svshost.exe
O4 - HKLM\..\RunServices: [system32.exe] services32.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Microsoft Update Emulator] kernelvmon.exe
O4 - HKCU\..\Run: [Windows Firewalll] svvhost.exe
O4 - HKCU\..\Run: [Microsoft IT Update] SVCHSST.exe
O4 - HKCU\..\Run: [Microsoft AUT Update] MSlti16.exe
O4 - HKCU\..\Run: [Microsoft Services] lsrv.exe
O4 - HKCU\..\Run: [System Update] wauluclt.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
O4 - HKCU\..\Run: [NTSF MICROSOFT SYSTEM] ntsf.exe
O4 - HKCU\..\Run: [Sygate Personal Firewall] Sygate.exe
O4 - HKCU\..\Run: [UPDATE MICROSOFT SYSTEM] svshost.exe
O4 - HKCU\..\Run: [YwxtRVcEU] nertilse.exe
O4 - HKCU\..\Run: [Ress] C:\Documents and Settings\Torgrim Sollid\Application Data\awrh.exe
O4 - HKCU\..\Run: [Sxwew] C:\WINDOWS\System32\w?wexec.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: RAID Administrator.lnk = C:\Program Files\HighPoint\RAID Administrator\raid.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program Files\expektMPP\MPPoker.exe
O9 - Extra button: NordicBet Poker - {E6073F93-9541-4be4-9800-109D378EB99B} - C:\Program Files\nordicbetMPP\MPPoker.exe
O13 - WWW. Prefix: http://ehttp.cc/?
O16 - DPF: {0191ABF4-9421-435E-9FFD-CD827A2A82D8} (SBITAX7Ctrl Class) - http://www.traffictrick.com/tl7000.dll
O16 - DPF: {11111111-1111-1111-1111-111111113457} - file://c:\ied_s7.cab
O16 - DPF: {11111111-1111-1111-1111-511111113457} - file://c:\x.cab
O16 - DPF: {11111111-1111-1111-1111-511111113458} - file://c:\x.cab
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://shemale-bang.com/gal2/w.chm::/file.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.8.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {2517F764-6F60-4ADD-8FCF-137E5B220FF6} (VacPro.emsat_ver4) - http://advnt01.com/dialer/emsat_ver4.CAB
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1094740539503
O16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} - http://advnt01.com/dialer/internazionale_ver4.CAB
O16 - DPF: {DDF44FD9-749F-4761-89BB-E8A59339E459} - http://akamai.downloadv3.com/binaries/LiveService/LiveService_9_EN_XP.cab
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spyspotter.com/spyspotter/SpSp29952.22opt/SpySpotterInstall.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A19CECF5-D517-431E-A56F-E0BBD9807842}: NameServer = 193.213.112.4 130.67.60.68
O18 - Protocol: bw+0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34545} - (no file)
O23 - Service: Symantec Network Proxy - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation - Unknown - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe (file missing)
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Network Client - Unknown - C:\WINDOWS\system32\netclnc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

Do you have any virus protection on here?

Go to Safe Mode(Tap F8 on Startup)

Run AVG Antivirus, delete or Quaranteen what it finds.

http://www.grisoft.com/us/us_index.php

Then delete temporary Internet files, cookies, Empty Recycle Bin, Scan with Adaware and Spybot again, Reboot and post a new log.........Jim

what a mess batman..

jupp...what a mess :)

Well, I have now scanned my computer in safe mode with AVG. I have runned adaware and spybot and deleted cookies and internet files.

This is the log file:

Logfile of HijackThis v1.99.0
Scan saved at 02:05:10, on 01/07/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\System32\ntsf.exe
C:\WINDOWS\System32\svshost.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
C:\Documents and Settings\Torgrim Sollid\Application Data\awrh.exe
C:\WINDOWS\System32\w?wexec.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\HighPoint\RAID Administrator\raid.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\netclnc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\PROGRA~1\ONLINE~2\ADSL\ADSL.exe
C:\Program Files\Opera75\opera.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://default.home
O2 - BHO: ZServObj Class - {00000000-C1EC-0345-6EC2-4D0300000000} - C:\WINDOWS\ZServ.dll
O2 - BHO: (no name) - {33BDFD62-4482-5338-FD0D-1D943EEEDEC4} - C:\WINDOWS\System32\uga.dll
O2 - BHO: (no name) - {3F0241E2-B9F8-4088-94D6-AEEE520BF6A4} - (no file)
O2 - BHO: DOMP Class - {4C1B116F-2860-46db-8E6C-B4BFC4DFD683} - C:\WINDOWS\ietlbass32.dll
O2 - BHO: (no name) - {504C75BD-F703-4F30-B548-30A89120036A} - (no file)
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [anvshell] anvshell.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [NTSF MICROSOFT SYSTEM] ntsf.exe
O4 - HKLM\..\Run: [UPDATE MICROSOFT SYSTEM] svshost.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\RunServices: [Microsoft IT Update] SVCHSST.exe
O4 - HKLM\..\RunServices: [Microsoft Update Emulator] kernelvmon.exe
O4 - HKLM\..\RunServices: [Windows Firewalll] svvhost.exe
O4 - HKLM\..\RunServices: [System Update] wauluclt.exe
O4 - HKLM\..\RunServices: [Windows NT Service Name] svchcst.exe
O4 - HKLM\..\RunServices: [NTSF MICROSOFT SYSTEM] ntsf.exe
O4 - HKLM\..\RunServices: [UPDATE MICROSOFT SYSTEM] svshost.exe
O4 - HKLM\..\RunServices: [system32.exe] services32.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
O4 - HKCU\..\Run: [NTSF MICROSOFT SYSTEM] ntsf.exe
O4 - HKCU\..\Run: [UPDATE MICROSOFT SYSTEM] svshost.exe
O4 - HKCU\..\Run: [Ress] C:\Documents and Settings\Torgrim Sollid\Application Data\awrh.exe
O4 - HKCU\..\Run: [Sxwew] C:\WINDOWS\System32\w?wexec.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: RAID Administrator.lnk = C:\Program Files\HighPoint\RAID Administrator\raid.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program Files\expektMPP\MPPoker.exe
O9 - Extra button: NordicBet Poker - {E6073F93-9541-4be4-9800-109D378EB99B} - C:\Program Files\nordicbetMPP\MPPoker.exe
O13 - WWW. Prefix: http://ehttp.cc/?
O16 - DPF: {0191ABF4-9421-435E-9FFD-CD827A2A82D8} (SBITAX7Ctrl Class) - http://www.traffictrick.com/tl7000.dll
O16 - DPF: {11111111-1111-1111-1111-111111113457} - file://c:\ied_s7.cab
O16 - DPF: {11111111-1111-1111-1111-511111113457} - file://c:\x.cab
O16 - DPF: {11111111-1111-1111-1111-511111113458} - file://c:\x.cab
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://shemale-bang.com/gal2/w.chm::/file.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.8.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {2517F764-6F60-4ADD-8FCF-137E5B220FF6} (VacPro.emsat_ver4) - http://advnt01.com/dialer/emsat_ver4.CAB
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1094740539503
O16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} - http://advnt01.com/dialer/internazionale_ver4.CAB
O16 - DPF: {DDF44FD9-749F-4761-89BB-E8A59339E459} - http://akamai.downloadv3.com/binaries/LiveService/LiveService_9_EN_XP.cab
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spyspotter.com/spyspotter/SpSp29952.22opt/SpySpotterInstall.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A19CECF5-D517-431E-A56F-E0BBD9807842}: NameServer = 193.213.112.4 130.67.60.68
O18 - Protocol: bw+0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34545} - (no file)
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Network Proxy - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation - Unknown - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe (file missing)
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Network Client - Unknown - C:\WINDOWS\system32\netclnc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

Yep this one may take a while..Stay tuned for the next episode.

Theres a virus in there someplace, his post got caught by my ISP, AV..

Subject: Reply to post 'HijackThis'
Virus: Exploit-MhtRedir.gen

Well I'm not suprised if there is a virus in there someplace. I ran AVG 3 times and AVG found 45 viruses!!! and removed 35!? If I run AVG again it will not find any more viruses.....

http://www.iamnotageek.com/a/Winlogon.exe.php

C:\WINDOWS\system32\winlogon.exe
This program only shows up under 2 cercumstances.
1. you hit CTRL, ALT, DEL
2. you are networked
It shouldnt be on this list, as it loads in another place under windows..

C:\WINDOWS\system32\services.exe

C:\WINDOWS\System32\svshost.exe

C:\Documents and Settings\Torgrim Sollid\Application Data\awrh.exe
Dont know what this is??

C:\WINDOWS\System32\w?wexec.exe
KILL

C:\WINDOWS\system32\netclnc.exe

thats the first part...HOLD tight.
When you remove this STUFF...use SAFE mode..tap f8 when starting..

Im going to be ABIT drastic...

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://default.home
O2 - BHO: ZServObj Class - {00000000-C1EC-0345-6EC2-4D0300000000} - C:\WINDOWS\ZServ.dll
O2 - BHO: (no name) - {33BDFD62-4482-5338-FD0D-1D943EEEDEC4} - C:\WINDOWS\System32\uga.dll
O2 - BHO: (no name) - {3F0241E2-B9F8-4088-94D6-AEEE520BF6A4} - (no file)
O2 - BHO: DOMP Class - {4C1B116F-2860-46db-8E6C-B4BFC4DFD683} - C:\WINDOWS\ietlbass32.dll
O2 - BHO: (no name) - {504C75BD-F703-4F30-B548-30A89120036A} - (no file)

O4 - HKLM\..\Run: [UPDATE MICROSOFT SYSTEM] svshost.exe
DONt mess this one, as theres a FEW different ones.

O4 - HKLM\..\RunServices: [Microsoft IT Update] SVCHSST.exe
O4 - HKLM\..\RunServices: [Microsoft Update Emulator] kernelvmon.exe
O4 - HKLM\..\RunServices: [Windows Firewalll] svvhost.exe
O4 - HKLM\..\RunServices: [System Update] wauluclt.exe
O4 - HKLM\..\RunServices: [Windows NT Service Name] svchcst.exe
O4 - HKLM\..\RunServices: [NTSF MICROSOFT SYSTEM] ntsf.exe
O4 - HKLM\..\RunServices: [UPDATE MICROSOFT SYSTEM] svshost.exe
O4 - HKLM\..\RunServices: [system32.exe] services32.exe
These I dont know, and cant find..
Im VERY LERRY, about that NTFS one.. NTFS is how your Harddrive is formated, and shouldnt be called here. Unless theres another drive on your system thats formated differently. And then theres the idea that is ALL LINKed as a group.

O4 - HKCU\..\Run: [NTSF MICROSOFT SYSTEM] ntsf.exe
O4 - HKCU\..\Run: [UPDATE MICROSOFT SYSTEM] svshost.exe

O4 - HKCU\..\Run: [Ress] C:\Documents and Settings\Torgrim Sollid\Application Data\awrh.exe
DONt know it, cant find it..

O4 - HKCU\..\Run: [Sxwew] C:\WINDOWS\System32\w?wexec.exe

O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program Files\expektMPP\MPPoker.exe
O9 - Extra button: NordicBet Poker - {E6073F93-9541-4be4-9800-109D378EB99B} - C:\Program Files\nordicbetMPP\MPPoker.exe
O13 - WWW. Prefix: http://ehttp.cc/?
O16 - DPF: {0191ABF4-9421-435E-9FFD-CD827A2A82D8} (SBITAX7Ctrl Class) - http://www.traffictrick.com/tl7000.dll
POKER???
Its the last one thats tha BAD part.

O16 - DPF: {11111111-1111-1111-1111-111111113457} - file://c:\ied_s7.cab
O16 - DPF: {11111111-1111-1111-1111-511111113457} - file://c:\x.cab
O16 - DPF: {11111111-1111-1111-1111-511111113458} - file://c:\x.cab

O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://shemale-bang.com/gal2/w.chm::/file.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocach...etup1.0.0.8.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {2517F764-6F60-4ADD-8FCF-137E5B220FF6} (VacPro.emsat_ver4) - http://advnt01.com/dialer/emsat_ver4.CAB

O16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} - http://advnt01.com/dialer/internazionale_ver4.CAB
O16 - DPF: {DDF44FD9-749F-4761-89BB-E8A59339E459} - http://akamai.downloadv3.com/binari...ice_9_EN_XP.cab
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spyspotter.com/spys...tterInstall.cab

O18 - Protocol: bw+0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2C8E6817-00C4-484B-9D67-DD8252FCF99D} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
Dont know the BW plugin is, but its NOT part of windows...
DId you use spysweeper???

O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34545} - (no file)
TROJAN

O23 - Service: Network Client - Unknown - C:\WINDOWS\system32\netclnc.exe

NORTON dont look like its turned on, or working properly...
Check it..

This is the FIRST SHOT...REMOVE this stuff in SAFE MODE...
Good luck...

Then repoat plz..

Well I have now deleted alot!
The list is getting smaller :)
Now this is the log file from HijackThis:

Logfile of HijackThis v1.99.0
Scan saved at 20:19:26, on 01/07/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\System32\ntsf.exe
C:\WINDOWS\System32\svshost.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
C:\Program Files\HighPoint\RAID Administrator\raid.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\HijackThis\HijackThis.exe

O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [anvshell] anvshell.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [NTSF MICROSOFT SYSTEM] ntsf.exe
O4 - HKLM\..\Run: [UPDATE MICROSOFT SYSTEM] svshost.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\RunServices: [Microsoft IT Update] SVCHSST.exe
O4 - HKLM\..\RunServices: [Microsoft Update Emulator] kernelvmon.exe
O4 - HKLM\..\RunServices: [Windows Firewalll] svvhost.exe
O4 - HKLM\..\RunServices: [System Update] wauluclt.exe
O4 - HKLM\..\RunServices: [Windows NT Service Name] svchcst.exe
O4 - HKLM\..\RunServices: [NTSF MICROSOFT SYSTEM] ntsf.exe
O4 - HKLM\..\RunServices: [UPDATE MICROSOFT SYSTEM] svshost.exe
O4 - HKLM\..\RunServices: [system32.exe] services32.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
O4 - HKCU\..\Run: [NTSF MICROSOFT SYSTEM] ntsf.exe
O4 - HKCU\..\Run: [UPDATE MICROSOFT SYSTEM] svshost.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: RAID Administrator.lnk = C:\Program Files\HighPoint\RAID Administrator\raid.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program Files\expektMPP\MPPoker.exe
O9 - Extra button: NordicBet Poker - {E6073F93-9541-4be4-9800-109D378EB99B} - C:\Program Files\nordicbetMPP\MPPoker.exe
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1094740539503
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Network Proxy - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation - Unknown - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe (file missing)
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

Looks Better,at least shorter, Let me take a look........Jim :vivi

Go To Safe Mode (F8 on Startup) and delete these files.

C:\WINDOWS\System32\ntsf.exe
C:\WINDOWS\System32\svshost.exe

Still in Safe Mode, Place a check next toeach of these and click Fix Checked.


O4 - HKLM\..\Run: [NTSF MICROSOFT SYSTEM] ntsf.exe
O4 - HKLM\..\Run: [UPDATE MICROSOFT SYSTEM] svshost.exe
O4 - HKLM\..\RunServices: [Microsoft IT Update] SVCHSST.exe
O4 - HKLM\..\RunServices: [Microsoft Update Emulator] kernelvmon.exe
O4 - HKLM\..\RunServices: [Windows Firewalll] svvhost.exe
O4 - HKLM\..\RunServices: [System Update] wauluclt.exe
O4 - HKLM\..\RunServices: [Windows NT Service Name] svchcst.exe
O4 - HKLM\..\RunServices: [NTSF MICROSOFT SYSTEM] ntsf.exe
O4 - HKLM\..\RunServices: [UPDATE MICROSOFT SYSTEM] svshost.exe
O4 - HKLM\..\RunServices: [system32.exe] services32.exe
O4 - HKCU\..\Run: [NTSF MICROSOFT SYSTEM] ntsf.exe
O4 - HKCU\..\Run: [UPDATE MICROSOFT SYSTEM] svshost.exe
O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Program Files\expektMPP\MPPoker.exe
O9 - Extra button: NordicBet Poker - {E6073F93-9541-4be4-9800-109D378EB99B} - C:\Program Files\nordicbetMPP\MPPoker.exe


Delete all Temporary Internet Files, Cookies, Do a Defrag(still in safe mode),Empty recycle bin.

Then Reboot and post a new log..........Jim

Then I deleted what you said and defraged (everything in safe mode)

Maybe the log is starting to look normal?

Logfile of HijackThis v1.99.0
Scan saved at 21:55:04, on 01/07/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
C:\Program Files\HighPoint\RAID Administrator\raid.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\HijackThis\HijackThis.exe

O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [anvshell] anvshell.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: RAID Administrator.lnk = C:\Program Files\HighPoint\RAID Administrator\raid.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1094740539503
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Network Proxy - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation - Unknown - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe (file missing)
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

ALOT better..
I was watching just 2 files to kill...That SV(?)host thing...SVCHOST is the only oone you should have, and one 2-3 of those.
And that NTFS THING.

NOW..
Make SURE you have
spybot, tools HOSTS list, turn it on...Its a BAN list.
Spywareblaster
UPDATED and RUn 1 time aweek, AT LEAST..

ALSO, update your windows...You are SP1, and SP2 is out and doing well.

ECA,I cant believe we fixed this one so fast.

I found that Defrag in Safe Mode fix on another board. Seemed to help.

It also should help on the win-eto problem on some of the other threads.........Jim

Jack
Download SpywareBlaster for prevention Here is the link

http://www.javacoolsoftware.com/spywareblaster.html

Its just scary playing with someones REG.
And i hate being DRASTIC, and CUT everything.

Could get MEAN and cut everything NOT WINDOWS...
Then theres the LIKE files.. NTFS, and SVS(??).. Those are just an anoyance.

Yes, Im amazed..

Its just scary playing with someones REG.
And i hate being DRASTIC, and CUT everything.

..


I would have been just as drastic on this one, It was a mess. Good job.........Jim

WELL,
Its taken me awhile to SHOW/explain to a friend WHY, I want 3 computers.
Each computer would be set to do different things..
Have 1 computer to do EVERYTHING, really messes windows up..
digitizing Audio and video, scanning, fax, internet, telephone answering, Mp3 writing and playing, game machine, tax writer, business, office, Playing recording, copying DVD, trying out NEW programs, 3+ art programs and Picture editors... It gets to be to much for 1 system. And Havent even touched STORAGE and backup..wont go into remote view, security, net camera, remote weather station, or even networking.

Well I have installed spyblaster. But the reason why I haven't updated windows is because I get a error message when I try!
When I click express install:
[Error number: 0x80070424]
Windows Update has encountered an error and cannot display the requested page. You may find the following resources helpful in resolving the problem:

Thats why I still have service pack1

But anyway...thanks alot for helping ECA and Jim!!!

Run and Update Adaware and Spybot at least once a week to keep it clean.Update SpywareBlaster once a week Enable all Protection and let it run in the background.........Jim :vivi

You have an HP??
Go threw HP, to get your update, or to find out HOW..