hi i need help

Logfile of HijackThis v1.97.7
Scan saved at 7:44:17 AM, on 6/13/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ISS\BlackICE\blackd.exe
C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\NetZero\exec.exe
C:\Program Files\Norton Utilities\NPROTECT.EXE
C:\Program Files\ISS\BlackICE\blackice.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\ISS\BlackICE\rapapp.exe
C:\Program Files\Speed Disk\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\VetMsgNT.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\NetZero\exec.exe
C:\Program Files\NetZero\qsacc\x1exec.exe
C:\Program Files\SpyHunter\PopupBlocker\EnigmaPopupStop.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\gabriel\My Documents\my downloads\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://djmax60514.webcindario.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.netzero.net/s/search?r=minisearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:7900
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 64.136.29.30;64.136.21.30;64.136.29.34;searchap.untd.com;127.0.0.1;localhost;*windowsupdate.microsoft.com;
*windowsupdate.com;*wustat.windows.com;*profiles.yahoo.com;*.pogo.com;*.autotrader.com;*test-speed.com;<local>
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://yahoo.sbc.com/dsl
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\NZSearch\SearchEnh1.dll
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\gabriel\Application Data\Mozilla\Profiles\default\mhsonjl2.slt\prefs.js)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: (no name) - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\NetZero\qsacc\X1IEBHO.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [uoltray] C:\Program Files\NetZero\exec.exe regrun
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\NZSearch\hcm.exe" -w
O4 - HKCU\..\Run: [WTSS] C:\WINDOWS\System32\wapisvsu.exe
O4 - HKCU\..\RunOnce: [untd_recovery] C:\Program Files\NetZero\qsacc\x1exec.exe
O4 - Global Startup: BlackICE PC Protection.lnk = C:\Program Files\ISS\BlackICE\blackice.exe
O8 - Extra context menu item: Display All Images with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/227
O8 - Extra context menu item: Web Savings - file://C:\Program Files\WebSavingsfromEbates\System\Temp\ebateswebsavings_script0.htm
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: Sidesearch (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O10 - Broken Internet access because of LSP provider 'c:\progra~1\newdot~1\newdot~1.dll' missing
O16 - DPF: {11111111-1111-1111-1111-111111111123} - file://c:\Recycled\1.exe
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/pub/shockwave/cabs/director/swdir.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} (brdg Class) - http://www2.flingstone.com/cab/2000XP/CDTInc/bridge.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38074.435162037
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://download.yahoo.com/dl/mail/ac4sbc.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E6834293-90E4-4434-BE2C-F1A55D3729DE}: NameServer = 64.136.28.120 64.136.28.133

i want to fix it I have one problem went i start i recivi a meseges from clickspring need to conect to internet and i now that is a spyware rigth!!!
well i use spyhunter and ad-ware 6.0 please tell me what to fix

 

Hi djmax60514

These are the harmful things you need to fix (that first one is Clickspring). To remove them follow these steps.

Please go offline, close all browsers and any open Windows, making sure that only HijackThis is open. Scan and when it finishes, put an x in the boxes next to these items, then press *fix checked*

O4 - HKCU\..\Run: [WTSS] C:\WINDOWS\System32\wapisvsu.exe

O16 - DPF: {11111111-1111-1111-1111-111111111123} - file://c:\Recycled\1.exe

O16 - DPF: {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} (brdg Class) - http://www2.flingstone.com/cab/2000XP/CDTInc/bridge.cab

Reboot your PC

Delete: C:\WINDOWS\System32\wapisvsu.exe

You have no Service packs on your WinXP or on IE. You need to go to Windows update and get ALL the recommended critical security updates ASAP, otherwise you are going to be fighting infections constantly as today's new malware is using exploits in unpatched systems to silently install on you.
http://v4.windowsupdate.microsoft.com/en/default.asp
................................................
Additionally this entry in your log indicates a leftover problem from improper removal of Newdot.Net
(O10 - Broken Internet access because of LSP provider 'c:\progra~1\newdot~1\newdot~1.dll' missing)

To fix it download LSPfix here:
http://www.cexx.org/lspfix.htm

Start the program and then check the I know what I'm doing box.

Disconnect from the internet.

Move all instances of newdotnet to the Remove pane. click the Finish Button.
..................................................
Optional - Do you really want all those search settings by NetZero and Yahoo plus their tools bars? They can be removed safely using Hijackthis.

...................................................
More Optional but recommended:

While Adaware is a great antispyware scanner and well respected, Spyhunter iis not. It is put out by a company who marketing tactics are dubious at best and many question it's effectiveness. Most of us use Spybot Search & Destroy in addition to Adaware and it is FREE and much more reliable and effective - it does not require you to pay anything to remove items it finds. It is strictly donationware - donate if you choose to. If I were you I would get rid of Spyhunter and use Adaware and Spybot instead.
Here is the link
Download Spybot Search and Destroy
http://www.safer-networking.org/