I have been attempting to play Starcraft, and it insists on minimizing over and over. Also, I have been running TrendMicro Anti-Spyware, and it keeps finding something called Command Desktop, but it cannot delete it.

HJT:

Logfile of HijackThis v1.99.1
Scan saved at 11:41:19 AM, on 4/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\MICROS~1\Msinfo\OFFPROV.EXE
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 210.0.200.3:80
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe,ufjtgpy.exe
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [McRegWiz] c:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: Copy to Semagic - C:\Program Files\Semagic\copy.htm
O8 - Extra context menu item: Semagic - C:\Program Files\Semagic\link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\system32\dmonwv.dll (file missing)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\system32\dmonwv.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\GameClient.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/haphazard/raptisoftgameloader.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thinktanks/BTDownloadCtrl.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: ModuleUsage - C:\WINDOWS\system32\cdmdlg32.dll (file missing)
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

Any help is of course appreciated.

Hello and welcome to the forum. We have several issues and won't be able to do them all at once. Let's start with the first two like this, and the directions must be followed exactly.

1) You are running two antivirus programs at the same time, Norton and Mcafee and this is not a good thing. They conflict with each other and you will be less safe than if you ran one good program and maintained it properly. Uninstall one, update the one you keep and run a complete system scan, post for me any item that can't be removed, the complete name and pathway.
See this >>> http://service1.symantec.com/SUPPORT/nav.nsf/docid/2000031316555206

Thanks to LonnyRJones and any others who helped with this fix.

2) Download Brute Force Uninstaller to your C:\
http://www.merijn.org/files/bfu.zip
Unzip it to a folder of its own (C:\BFU). So BFU should be on your root. In most cases this is C:\
Download qoofix.bat: http://downloads.subratam.org/Lon/qooFix.bat
(rightclick on this link and choose save as)
Place qoofix.bat in your C:\BFU - folder. (Important!)
Doubleclick qooFix.bat, Close all browsers and explorer folders.
Choose option 1 (Qoolfix autofix) and follow the prompts.
Please be patient, it will take about five minutes.
After the PC has restarted please post another hijackthis log.

Thanks...pskelley
Safer Networking Forums

I'm sorry to say that I did not get very far through your fixes. I uninstalled everything Mcafee on my computer, and now I'm completely unable to access the internet. Other computers connected to my router are perfectly able to do so; just this one computer cannot anymore.

I know we're getting out of the realm of expertise here, but do you have any ideas as to a solution to this problem? I can't call McAfee to rip them a new one until 5am, so if you can come up with something before then, I'd be much obliged.:scratch:

Let me say also that my current internet connection is functional on that computer, and that I'm able to ping www.yahoo.com through the dos prompt. Just no dice further than there.

My ISP says "Ha ha you screwed with McAfee good luck".

Thoughts?

You are saying just uninstalling McAfee's program caused you to loose your internet connection? I have not heard of that before and I would surely contact them to see if they can help. Here are couple of things you can try.

1) Contact your Internet Service Provider and let them know what you did. Have them check your settings, perhaps some change was caused bby removing the program, though I do not see why?

2) Here are two possible tools that may restore it if there is a problem in this area:
http://www.snapfiles.com/get/winsockxpfix.html
http://www.cexx.org/lspfix.htm

3)
My ISP says "Ha ha you screwed with McAfee good luck".Did your ISP really say that:scratch: People remove and install different antivirus program all of the time, this should have nothing to do with your internet connection. I would think your ISP should be doing all they can to fix the issue. Who is the ISP?

4) I can also say this Qoologic worm is have is very nasty, and it is hard to say what effect it is having on your System, the sooner you can get it off the better.

5) You have this ProxyServer set for this computer, is it valid?
http://whois.domaintools.com/210.0.200.3

Keep me posted of your progress.

Thanks...Phil

Ok, here's the update.

I ran one the two programs you gave me to run, to no avail. I also ran qoofix.bat, it seems to have worked its mojo but it didn't get me back on the internet.

The only thing from your post that is a mystery to me is the proxy server. I don't use a proxy server, and none of my programs are set to connect through a proxy server. Is there something in my system somewhere that would have set a proxy server universally?

Still stumped. Calling McAfee tonight when I get home from work - I really appreciate your help.

Thanks for keeping me informed. I still can not comprehend how removing McAfee is causing connections problems, maybe they can shine more light on it? How did you wind up with two powerful antivirus programs like that at the same time. That had to be causing conflicts from day one, at the very least, making you less protected and slowing your computer considerably.

Did you click the link I posted showing where the proxy is being directed? Does that mean anything to you? There is not doubt it is there and it does not look like malware.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 210.0.200.3:80
Using port 80 to access the internet. If it does not belong there, ask the ISP for help removing it. That's if they have time to help someone who is paying for their service...:p

Here is some information, but it would be best if the ISP is involved.
http://library.austincc.edu/eresources/remove.htm
http://support.mcihispeed.net/mu/500/psc/img/walkthroughs/windows_9x_nt/browsers/ie_6.0/8445.mci.html

Here is the Google on connection issues:
http://www.google.com/search?sourceid=navclient&ie=UTF-8&rls=GGLG,GGLG:2006-16,GGLG:en&q=troubleshoot+internet+connection+issues

Some information about that trojan, if it is gone, that would be a very good thing. That tool is supposed to remove it.
http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?id=43264

If I remember correctly the balance of the stuff in your log is just clutter, if you can post a HJT log I will make sure the trojan is gone and give you instructions for the rest of the cleanup.
Connection issues are not my forte' but if questions come up I will do my best to help. You can PM me if you need a quick answer (if I have it:) )
http://forums.spybot.info/member.php?find=lastposter&t=3831

Thanks...Phil

As I said, I'll be calling McAfee tonight to see what they say. Otherwise I think I'm going to start getting nastier with my ISP.

NO idea about the proxy. I never set a proxy server up, and as I said none of my programs are set up to connect thru a proxy. It is worth noting that the only post in this thread that came from that computer is the first one; the other posts are from other computers.

I will call McAfee tonight and keep you posted. Thanks again.

Sorry, one last question-

Can you tell me where you got that proxy information? Thanks!

So here's the update:

I tried to call McAfee, but of course they don't have a free customer service number. I have to pay 39 bucks to get customer service, and the idea of paying a company 40 bucks to essentially fix a problem where I'm being punished by the program for uninstalling it makes me want to punch a wall. I'm going to call my ISP once again and kind of beg them to help me - I still am concerned about this proxy issue, and I think there are just a few more things I might try.

Will keep you posted.

Have you considered doing a System Restore back before you removed any McAfee stuff to see if you can connect. If you can then you would have more time to figure out how to get McAfee off your computer without having that problem. I also run McAfee VSO and way back when I had earlier version the uninstall was always a problem. I do know (it has been a while) I contacted a tech in a chatroom free. You might try here:
http://ts.mcafeehelp.com/default.asp?siteID=1&cnrcheck=done&resolution=1024x768 or look over the Google:
http://www.google.com/search?hl=en&q=McAfee+technical+support&btnG=Google+Search

If you wish to use System Restore:
http://www.microsoft.com/windowsxp/using/helpandsupport/getstarted/ballew_03may19.mspx
http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/systemrestore.mspx
http://xphelpandsupport.mvps.org/restoring_your_system_with_syste.htm

Hope this helps...Phil

Ok, final update.

I've exhausted my patience with McAfee and my ISP. I'm nearly prepared to reformat. Here is the final question.

I spoke with the tech help firm that does support for my business. Besides wanting to charge me $75 for the fix, he did clue me in that the proxy server reference might play a key role in this problem. He said that there was a possibility that the trojan had set up a proxy server for my system to redirect all of my information through, and that if that was the case, removing the trojan (or McAfee for that matter) could disrupt that delicate balance and get everything all F'ed.

So here's the question - none of my programs are currently configured to use a proxy server. Is there any way that this bug could have set up a proxy server for my computer to use universally (that is, all programs must use it)? If so, is there any way to debug this problem? Thanks again for your help - if this fix comes up empty-handed, I'll be reformatting.

Looks like I got in just before you. Have you consider the System Restore option?
I will try to respond, this is way out of my area. As I said, this does not look like a hijack: http://whois.domaintools.com/210.0.200.3
but I could be wrong. Do you know that company at all, was this computer ever a work computer? I also posted two links showing you how to remove that Proxy, if you do not know it, I would remove it. I am going to ask one of the experts here to take a look if he has time. He may post information for you.

Thanks...Phil

The saga continues...

The proxy server was a red herring - it was something I had used in IE before, and disabled but never deleted. Deleting it, of course, had no effect.

New lead though. I finally figured out the supervisor password (believe it or not it was nothing. What a joke.) for Norton Internet Security, and am currently uninstalling it. We shall see if this helps - if not, I'm going to try the restore.

Unbelievably, uninstalling Norton has me back online. I am once again online and trojan-free!

Thanks for your help!

And, it appears, sadly, perhaps not. Still getting the "Starcraft won't stop minimizing" crap that started this mess.

HJT LOG:
Logfile of HijackThis v1.99.1
Scan saved at 9:28:23 PM, on 4/24/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\PROGRA~1\COMMON~1\MICROS~1\Msinfo\OFFPROV.EXE
C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
C:\Program Files\Common Files\System\MAPI\1033\nt\MAPISP32.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SAClient] "C:\Program Files\Insight\BBClient\Programs\RegCon.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: Copy to Semagic - C:\Program Files\Semagic\copy.htm
O8 - Extra context menu item: Semagic - C:\Program Files\Semagic\link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\GameClient.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/haphazard/raptisoftgameloader.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thinktanks/BTDownloadCtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{45FE112A-C473-4B3F-9651-CA1EE5F6C359}: Domain = sinfonia.org
O17 - HKLM\System\CCS\Services\Tcpip\..\{45FE112A-C473-4B3F-9651-CA1EE5F6C359}: NameServer = 192.168.1.100 192.168.1.100
O17 - HKLM\System\CS1\Services\Tcpip\..\{45FE112A-C473-4B3F-9651-CA1EE5F6C359}: Domain = sinfonia.org
O17 - HKLM\System\CS1\Services\Tcpip\..\{45FE112A-C473-4B3F-9651-CA1EE5F6C359}: NameServer = 192.168.1.100 192.168.1.100
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

Now that I've ruled out the "my internet won't work" problem, and done everything else you suggested, any thoughts?

OK, before I start, let me ask a question or two and post an observation.

First, this
"Starcraft won't stop minimizing" what exactly is that? Have you considered the possibility it is the program that is corrupt and you might need to install it again. You may want to try here: http://www.blizzard.com/support/

I can not believe simply removing Norton corrected the connection issue:scratch: Now I see no antivirus program which is probably the only thing worse than running two. If you need a free one, here are two to choose from. http://free.grisoft.com/freeweb.php
http://www.avast.com/eng/avast_4_home.html
I will say being familiar with AVG, it is a good program, just no tech support, but you know how good tech support is when you pay for the product...lol
I need to let you know you still have a Symantec item running in your services. I believe you should at least disable it:
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

Let's continue with some cleaning like this:

Open HijackThis and choose "Do a system scan only" then check the box in front of these line items:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\GameClient.exe (file missing)
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/haphazard/ra...gameloader.cab

Close all programs but HJT and all browser windows, then click on "Fix Checked"

(if you clean the Prefetch yourselt you can skip that step, if not follow the directions)

Enable hidden files&folders..reverse the process when finished.
http://www.xtra.co.nz/help/0,,4155-1916458,00.html

RIGHT Click on Start then click on Explore. Locate and delete these items:

C:\Windows\Prefetch\ >>> delete the contents (NOT THE FOLDER)
Prefetch info: http://www.windowsnetworking.com/articles_tutorials/Gaining-Speed-Empty-Prefetch-XP.html

I suggest a good cleaning:
Download CCleaner from this link: http://www.ccleaner.com/ Review the instructions http://www.ccleaner.com/help/tour1.asp
Run CCleaner, Windows & Applications when you run the registry cleaner (Issues) you will be prompted to backup before you can remove stuff, make sure you do.

Restart the computer and post a new HJT log, let me know how you are running now. Please post any information I requested above and your comments and questions.

Thanks...Phil

OK - all steps completed. I figured out why Starcraft won't stop minimizing, but first, here is the new log.

Logfile of HijackThis v1.99.1
Scan saved at 8:27:16 PM, on 4/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\MICROS~1\Msinfo\OFFPROV.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SAClient] "C:\Program Files\Insight\BBClient\Programs\RegCon.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: Copy to Semagic - C:\Program Files\Semagic\copy.htm
O8 - Extra context menu item: Semagic - C:\Program Files\Semagic\link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thinktanks/BTDownloadCtrl.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

I disabled the popup-blocker on IE and it revealed that for some reason, opening Starcraft makes popups appear, which steals the focus from Starcraft and minimizes it. Also, I have a new symptom wherein random seemingly un-stoppable voices talk about internet ad related things with no window to show for them. Perhaps I'm going nuts, but I swear I hear it.

First let me say your HJT log has no signs of malware so here is some great information from Tony Klein, Texruss, ChrisRLG and Grinler to help you stay clean and safe online:
http://boards.cexx.org/viewtopic.php?t=957
http://russelltexas.com/malware/allclear.htm
http://forum.malwareremoval.com/viewtopic.php?t=14
http://www.bleepingcomputer.com/forums/topict2520.html
http://cybercoyote.org/security/not-admin.shtml

I use a basic Google toolbar with no resource wasting frills: http://toolbar.google.com/ so I can't look at the IE popup blocker, but you should have an option to allow popups for certain sites so you can continue to block the ones you do not want. Google has this feature so IE probably does also.

I will say I have had websites open with audio playing and moved on without closing it. The audio continued to play until I went back and closed the link to the audio. That's about all I can tell you about that issue, but you seem to be good at troubleshooting and I am sure you will find a solution.

Because we removed at least one nasty infection I suggest you clean the System Restore files.
System Restore does not know the good files from the bad. In case bad stuff has gotten into your System Restore files, follow the instructions in this link to get clean System Restore files. Turn it off, reboot then turn it back on:
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001111912274039?Open&src=sec_doc_nam

Safe surfing to you:bigthumb:

Thanks...pskelley
Safer Networking Forums
http://www.spybot.info/en/donate/index.html
If you are reading this information...thank a teacher,
If you are reading it in English...thank a soldier.