Hi
First of all thanks for hosting this forum/facilities. My IE is completey unresponsive so I have taken to using Opera. However iexplore.exe processes keep multiplying (as seen in Task Manager) and if I dont keep killing them they render the system completely unresponsive in a few minutes.

I have taken all the steps that you require in the "Before you post" except that i have not been able to run any of the online VS since it seems Opera is not supported by any of them (TrendMicro led me to install a JVM but did do anything anyways). I have run S&D in safe mode and it comes up with a clean bill of health.

Here is the hjt log. Please help.


Logfile of HijackThis v1.99.1
Scan saved at 10:01:07 PM, on 1/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Net Nanny\nnsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Opera\Opera.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
c:\program files\internet explorer\iexplore.exe
C:\hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.att.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [NNTray] C:\Program Files\Net Nanny\nnstart.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\support.com\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [OLPSYNCH] C:\Program Files\Offline Course Player\OlpSynch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.att.net
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1101492519671
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by15fd.bay15.hotmail.msn.com/activex/HMAtchmt.ocx
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NNSvc - Looksmart, Ltd. - C:\Program Files\Net Nanny\nnsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

Click \start\run\then type in or copy and paste in

sfc /scannow


You must be logged on as a member of the Administrators group to run sfc.

If sfc discovers that a protected file has been overwritten, it retrieves the correct version of the file from the
%systemroot%\system32\dllcache folder, and then replaces the incorrect file.

Try this link if you have any trouble.

http://www.updatexp.com/scannow-sfc.html

Hi

Thanks for the reply. I will try what you suggest. However, here is a good piece of news. Without my doing anything proactively the problem seemed to have fixed itself. I wonder if this might have been due to windows healing itself or some patch coming down without my knowing it.

has this been observed before? Any explanations.

But thanks anyways. You guys are doing a great job.

cheers

After that scan with spybot. Also download and install AVG Anti-Spyware (ewido). Then scan and post the report here.
Instructions and download link can be found here (http://forums.security-central.us/showthread.php?t=3165).

Here is the scan report from AVG Anti-Spyware 7.5.

thanks for your help

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:11:06 PM 1/27/2007

+ Scan result:



C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP693\A0058704.EXE -> Adware.Background : Cleaned.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP692\A0057375.exe -> Adware.Casino : Cleaned.
C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\Dell Support\DSAgnt.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\Net Nanny\nnstart.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\Offline Course Player\OlpSynch.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\Yahoo!\Messenger\ypager.exe -> Downloader.Agent.awf : Cleaned.
C:\Program Files\support.com\bin\tgcmd.exe -> Downloader.Agent.awf : Cleaned.
[1932] C:\DOCUME~1\PRITIG~1\LOCALS~1\Temp\1169152751E9oNa.exe -> Downloader.Agent.awf : Cleaned.
C:\Documents and Settings\Priti Gairola\Local Settings\Temporary Internet Files\Content.IE5\7CVWAGKA\l[1].htm -> Downloader.Small.co : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\LocalService\Cookies\system@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@servedby.advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@servedby.advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@adviva[2].txt -> TrackingCookie.Adviva : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@bfast[2].txt -> TrackingCookie.Bfast : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@ads19.bpath[1].txt -> TrackingCookie.Bpath : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@citi.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@centrport[1].txt -> TrackingCookie.Centrport : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@ads.guardian.co[2].txt -> TrackingCookie.Co : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@ads.guardian.co[1].txt -> TrackingCookie.Co : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@com[2].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@com[2].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@dbbsrv[1].txt -> TrackingCookie.Dbbsrv : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@1800search.com.19522.fb.dbbsrv[2].txt -> TrackingCookie.Dbbsrv : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@www.herbalife.com.18345.fb.dbbsrv[2].txt -> TrackingCookie.Dbbsrv : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@www.herballife.com.18345.fb.dbbsrv[1].txt -> TrackingCookie.Dbbsrv : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@e-2dj6wfk4amczedp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@e-2dj6wfloeodzmlp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@e-2dj6wjk4qmdjabo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@e-2dj6wjkyqicpwao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@e-2dj6wjkyuldzoeq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@e-2dj6wjlyghc5ago.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@e-2dj6wjmicldzeho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@e-2dj6wjny-1iajwc.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@e-2dj6wjnygmczifp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@e-2dj6wjnyuic5waq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlyqgcpwdogqdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@estat[1].txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@gator[2].txt -> TrackingCookie.Gator : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@gator[1].txt -> TrackingCookie.Gator : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@ehg-aha.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@ehg-comcast.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@ehg-foxsports.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@ehg-socaledison.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@ehg-uniontrib.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@w104.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@ehg-danskin.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@ehg-hasbro.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@ehg-nestleusainc.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@ehg-sonycomputer.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@phg.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@ehg-cbs.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@ehg-foxsports.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@counter.hitslink[1].txt -> TrackingCookie.Hitslink : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@hotlog[1].txt -> TrackingCookie.Hotlog : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@hypertracker[1].txt -> TrackingCookie.Hypertracker : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@searchportal.information[2].txt -> TrackingCookie.Information : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@data4.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@qksrv[2].txt -> TrackingCookie.Qksrv : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@realmedia[1].txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@realmedia[1].txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@counter12.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@ads.specificpop[1].txt -> TrackingCookie.Specificpop : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@specificpop[2].txt -> TrackingCookie.Specificpop : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@spinbox[2].txt -> TrackingCookie.Spinbox : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@targetnet[2].txt -> TrackingCookie.Targetnet : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@reduxads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@blp.valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@dotp.valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@valueclick[3].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@valueclick[3].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@server3.web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned.

--- contd

contd from last post...

C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@www.web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@ads.x10[2].txt -> TrackingCookie.X10 : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@yadro[2].txt -> TrackingCookie.Yadro : Cleaned.
C:\Documents and Settings\Priti Gairola\Cookies\priti gairola@yadro[2].txt -> TrackingCookie.Yadro : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@c5.zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Arun Kumar\Cookies\arun kumar@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Shreya Kumar\Cookies\shreya kumar@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\bl12\Cookies\bl12@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
::Report end

Rescan with HJT and post a new log here.
Also please describe how your computer behaves at the moment.

Thanks for the followup. The PC is behaving itself. I havent seen the issue in quite a few days.

Rescan with HJT and log is below:


Logfile of HijackThis v1.99.1
Scan saved at 1:32:28 PM, on 1/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Net Nanny\nnsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cidaemon.exe
C:\DOCUME~1\PRITIG~1\LOCALS~1\Temp\1169152751E9oNa.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\JumpStart\JumpStart Advanced Language Club\JSLangClub.exe
C:\hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.att.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [NNTray] C:\Program Files\Net Nanny\nnstart.exe
O4 - HKLM\..\Run: [OLPSYNCH] C:\Program Files\Offline Course Player\OlpSynch.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.att.net
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1101492519671
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by15fd.bay15.hotmail.msn.com/activex/HMAtchmt.ocx
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NNSvc - Looksmart, Ltd. - C:\Program Files\Net Nanny\nnsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

Close all programs leaving only HijackThis running. Place a check against each of the following,
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html
Click on Fix Checked when finished and exit HijackThis.

To help keep your PC clean follow the recommendations in Tony Klein's article
So how did I get infected in the first place? (http://forums.security-central.us/showthread.php?t=321)

As the problem appears to be resolved this topic has been archived.

If you need it re-opened please send me a private message (pm) and provide a link to the thread. Applies only to the original poster, anyone else with similar problems please start a new topic.