Okay, I'm currently working on a relatives computer which is having some serious malware problems. THe symptoms thus far have included excessive pop-ups, random programs installing themselves, mostly anti-spyware/adware programs, and most recently when anyone logs into any account on the system, explorer.exe will continues start and end, causing the desktop to blink on and off repeatedly. I've managed "disable" explorer.exe and use the "Run" through the task manager to work around the problem and have been able to us some programs I have on an external HDD to get online via firefox Portable. I've managed to run hijackthis.

here is the logfile.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 1:09:27 PM, on 8/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\TGVvbmEgUGVpcmlz\command.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Network Monitor\netmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\qwerty12.exe
E:\Files\Programs\FirefoxPortable\App\firefox\firefox.exe
E:\Malware Removal Software\Hijack This\HiJackThis_v2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
O2 - BHO: (no name) - {00b0fd20-7ac3-43c9-8b4e-fa6e7dc9f9e9} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: 0 - {05A995D0-26B8-42D0-D39D-07237AA0315A} - C:\Program Files\Internet Explorer\qufaxyl.dll
O2 - BHO: (no name) - {062492AF-392E-479D-BF52-A7A4BCA00307} - C:\WINDOWS\compstuic.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0b2b3ffa-c801-42a1-8826-124d4a8d92d4} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {0B5F7FDF-0717-45BF-B49D-695F3168C7FE} - C:\WINDOWS\admparsek.dll
O2 - BHO: (no name) - {0e59c456-9916-432e-b857-78d0ff5c4382} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {1050168b-ed1b-468c-94e8-eed03396d1f1} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {11111111-2222-408A-9842-CDBE1C6D37EB} - C:\WINDOWS\podpis.dll
O2 - BHO: (no name) - {13cc925b-7e00-433f-8fd4-403228432e4b} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {1769178E-8D6E-FF99-4B14-828DCE50D5BB} - C:\WINDOWS\system32\ekhxtmr.dll
O2 - BHO: (no name) - {17d14d7b-b825-4cb3-b90d-2af5c456d239} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: CIEIntegrator Object - {22750ADC-C90F-43C4-9B72-0F9E60CB5119} - C:\Program Files\WinAntiVirus Pro 2007\winavpgi.dll
O2 - BHO: (no name) - {292c564c-26c6-4535-a470-26ebcb74bd13} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {328dda83-717e-4414-8481-ce966e2ad8d0} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {34151e9a-2dc8-4e16-aa7d-34205eef224a} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: Bho - {4DF3383C-ACB0-40f3-BCF0-4B09F48D1AB8} - C:\WINDOWS\system32\mtfisvfi.dll
O2 - BHO: X1IEHook Class - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\NetZero\qsacc\x1IEBHO.dll (file missing)
O2 - BHO: (no name) - {52a0a5de-0e46-4288-bb9e-5724f9658b80} - C:\WINDOWS\system32\log875.dll
O2 - BHO: (no name) - {555FF497-8DAA-4DB3-A5B7-007DC2249F93} - \
O2 - BHO: IEFW Object - {67121D62-2C97-4EF0-83EA-2DC643D50B01} - C:\Program Files\WinAntiVirus Pro 2007\fwbho.dll
O2 - BHO: (no name) - {6F8FF8BA-3E0D-4FFE-7A77-34B67D3DFEB8} - C:\WINDOWS\system32\cbgipnjq.dll
O2 - BHO: (no name) - {80da9dd1-6191-4787-8c54-75c43aaf6770} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {811d7a66-ad56-4daa-97e9-3717842153a3} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {8138b599-7bde-4488-b800-4edb329feb16} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {8248d694-d4ea-4f5d-85f7-b723239f5546} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {938A8A03-A938-4019-B764-03FF8D167D79} - C:\WINDOWS\system32\tmp34.tmp.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: (no name) - {9aae9f10-7fa5-4608-bc0f-9e70ee877649} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00301} - C:\WINDOWS\adsldpbm.dll (file missing)
O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00302} - C:\WINDOWS\system32\adsldpbx.dll (file missing)
O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00303} - C:\WINDOWS\system32\adsldpby.dll (file missing)
O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00304} - C:\WINDOWS\system32\adsldpbz.dll (file missing)
O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00305} - C:\WINDOWS\system32\compstuia.dll (file missing)
O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00306} - C:\WINDOWS\compstuib.dll (file missing)
O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00309} - C:\WINDOWS\system32\compstuid.dll (file missing)
O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00311} - C:\WINDOWS\compstuig.dll (file missing)
O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00320} - C:\WINDOWS\system32\compstuif.dll (file missing)
O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00401} - C:\WINDOWS\system32\fontexta.dll (file missing)
O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00402} - C:\WINDOWS\system32\fontextb.dll (file missing)
O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00403} - C:\WINDOWS\system32\fontextc.dll (file missing)
O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00404} - C:\WINDOWS\system32\fontextd.dll (file missing)
O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00405} - C:\WINDOWS\fontexte.dll (file missing)
O2 - BHO: (no name) - {B04F7B32-B070-45A9-8670-2CE44F6281C7} - \
O2 - BHO: (no name) - {bb39ebb0-33d1-45ed-bb00-cab4bdadbdeb} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: (no name) - {c07f5831-d178-4505-aa6d-a0d1bd789429} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {ccff8cfc-df25-48b4-b70c-0aafba8656d7} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {D1159422-16E3-462F-A93D-FB718E100407} - C:\WINDOWS\system32\d3dxofa.dll
O2 - BHO: (no name) - {d3c996e3-28e6-4091-9877-9460f7e8e5ef} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {D4C5947D-16E3-462F-A93D-FB718E100406} - C:\WINDOWS\system32\fontext_a.dll (file missing)
O2 - BHO: (no name) - {DDEC2387-6435-46B6-AF8C-1075F6EBF08B} - C:\WINDOWS\system32\admparsez.dll
O2 - BHO: (no name) - {DF00FFA0-AEA9-4EA8-A10F-8BB9A7F8508C} - C:\WINDOWS\system32\adsldpbm.dll (file missing)
O2 - BHO: (no name) - {dfb19108-4a35-43c4-870e-a1b93c4d09af} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {E55C27EA-AC00-4C1B-B753-89FBB593294A} - C:\Program Files\MSN Gaming Zone\mesof.dll
O2 - BHO: (no name) - {EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D} - C:\WINDOWS\system32\ssqrq.dll
O2 - BHO: (no name) - {ebc97776-1a0e-4f81-b654-8510f346e25c} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {ece344fe-3b0b-4a5b-8cde-a044581e2146} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {eec9f4c3-f91c-4dd8-8c1b-b386bd9e4b56} - C:\WINDOWS\system32\hmourang.dll
O2 - BHO: (no name) - {f0f752c8-7edf-4357-b337-6b569c012ead} - C:\WINDOWS\system32\hmourang.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\toolbar.dll (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [WinAntiVirus Pro 2007] "C:\Program Files\WinAntiVirus Pro 2007\WinAV.exe" /min
O4 - HKLM\..\Run: [MAV_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2007\mav_startupmon.exe"
O4 - HKLM\..\Run: [DNSE] "C:\Program Files\Common Files\WinAntiVirus Pro 2007\DNSE.exe" -c
O4 - HKLM\..\Run: [poolsv] "C:\WINDOWS\poolsv.exe"
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\retadpu77.exe 61A847B5BBF72815358B2B27128065E9C084320161C4661227A755E9C2933154389A
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\nwinkodt.exe CHD003
O4 - HKLM\..\Run: [winehq.org] rundll32.exe "C:\WINDOWS\jkjjki.dll",realset
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra 'Tools' menuitem: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://winantivirus.com/download/2007/download.php?file=2&aid=dn_kn_swmplx2_us_en_ed2&lid=keyin&affid=dn__{52a0a5de-0e46-4288-bb9e-5724f9658b80}&lng=en&cnt=us
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://www.winantivirus.com/download...=pp_1149733525
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - mk:@MSITStore:C:\DOCUME~1\LEONAP~1\LOCALS~1\Temp\winfix.chm::/SystemDoctor2006FreeInstall.cab
O20 - Winlogon Notify: cfgmngr32 - C:\WINDOWS\system32\cfgmngr321.dll
O20 - Winlogon Notify: harddll - C:\WINDOWS\system32\harddll.dll
O20 - Winlogon Notify: ibywxwyo - C:\WINDOWS\SYSTEM32\ibywxwyo.dll
O20 - Winlogon Notify: log875 - C:\WINDOWS\SYSTEM32\log875.dll
O20 - Winlogon Notify: ssqrq - C:\WINDOWS\SYSTEM32\ssqrq.dll
O20 - Winlogon Notify: waveutil - C:\WINDOWS\system32\waveutil.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Windows Updater - {B29BE267-3A64-4F7E-8A57-75FB5E900509} - C:\WINDOWS\system32\cfgmngr321.dll
O22 - SharedTaskScheduler: Master Browseui - {0B5F7FDF-0717-45BF-B49D-695F3168C7FE} - C:\WINDOWS\admparsek.dll
O22 - SharedTaskScheduler: z - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00401} - C:\WINDOWS\system32\fontexta.dll (file missing)
O22 - SharedTaskScheduler: z - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00402} - C:\WINDOWS\system32\fontextb.dll (file missing)
O22 - SharedTaskScheduler: z - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00403} - C:\WINDOWS\system32\fontextc.dll (file missing)
O22 - SharedTaskScheduler: z - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00404} - C:\WINDOWS\system32\fontextd.dll (file missing)
O22 - SharedTaskScheduler: z - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00405} - C:\WINDOWS\fontexte.dll (file missing)
O22 - SharedTaskScheduler: Master Browseui - {DDEC2387-6435-46B6-AF8C-1075F6EBF08B} - C:\WINDOWS\system32\admparsez.dll
O22 - SharedTaskScheduler: z - {D4C5947D-16E3-462F-A93D-FB718E100406} - C:\WINDOWS\system32\fontext_a.dll (file missing)
O22 - SharedTaskScheduler: za - {D1159422-16E3-462F-A93D-FB718E100407} - C:\WINDOWS\system32\d3dxofa.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TGVvbmEgUGVpcmlz\command.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\qwerty12.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - Service: Firewall service (NtTf) - Unknown owner - C:\Program Files\WinAntiVirus Pro 2007\NtFt.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 14884 bytes


I also noticed that a program called "qwerty12.exe" is present and running on the system and I can't disable it.

I've got most of the programs I may need to run(vundo,ATF, AVG,ect...) on my external, I just need to know what to do.

Any help would be appreciated. Thanks.