Hotxxx aghh please help!!!!

As with loads of people, ive got the dreaded hotxxx dialer on my computer. It comes on randomly and then disconects me from the net. When this happens, a file named analsex.exe also comes on to my computer in c/windows. This is serious because I need the internet for work. Any help will be much apreciated.
My Ad-aware log is below, my HJT log is also avaliable is needed.

 

Lavasoft Ad-aware Personal Build 6.181
Logfile created on :13 July 2004 09:58:29
Created with Ad-aware Personal, free for private use.
Using reference-file :01R332 12.07.2004
______________________________________________________

Reffile status:
=========================
Reference file loaded:
Reference Number : 01R331 08.07.2004
Internal build : 263
File location : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\reflist.ref
Total size : 1300142 Bytes
Signature data size : 1279388 Bytes
Reference data size : 20690 Bytes
Signatures total : 28395
Target categories : 10
Target families : 519
13-07-04 08:59:28 Performing Webupdate...

Installing Update...
Reference file loaded:
Reference Number : 01R332 12.07.2004
Internal build : 264
File location : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\reflist.ref
Total size : 1304680 Bytes
Signature data size : 1283888 Bytes
Reference data size : 20728 Bytes
Signatures total : 28484
Target categories : 10
Target families : 520

13-07-04 09:05:08 Success.
Update successfully downlodaded and installed.


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:27 %
Total physical memory:228796 kb
Available physical memory:2584 kb
Total page file size:1868352 kb
Available on page file:1706564 kb
Total virtual memory:2093056 kb
Available virtual memory:2039552 kb
OS:Windows (9

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file


13-07-04 09:58:29 - Scan started. (Custom mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [kernel32.dll]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293909183
Threads : 6
Priority : High
FileSize : 460 KB
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
Copyright : Copyright (C) Microsoft Corp. 1991-1999
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
OriginalFilename : KERNEL32.DLL
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 08/01/01 20:40:21
Last accessed : 12/07/04 23:00:00
Last modified : 23/04/99 21:22:00

#:2 [msgsrv32.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294962715
Threads : 1
Priority : Normal
FileSize : 11 KB
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
Copyright : Copyright (C) Microsoft Corp. 1992-1998
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
OriginalFilename : MSGSRV32.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 08/01/01 20:40:53
Last accessed : 12/07/04 23:00:00
Last modified : 23/04/99 21:22:00

#:3 [mprexe.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294908299
Threads : 1
Priority : Normal
FileSize : 28 KB
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
Copyright : Copyright (C) Microsoft Corp. 1993-1998
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
OriginalFilename : MPREXE.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 08/01/01 20:38:29
Last accessed : 12/07/04 23:00:00
Last modified : 23/04/99 21:22:00

#:4 [mmtask.tsk]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294916419
Threads : 1
Priority : Normal
FileSize : 1 KB
FileVersion : 4.03.1998
ProductVersion : 4.03.1998
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
OriginalFilename : mmtask.tsk
ProductName : Microsoft Windows
Created on : 08/01/01 20:39:09
Last accessed : 12/07/04 23:00:00
Last modified : 23/04/99 21:22:00

#:5 [sagent2.exe]
FilePath : C:\PROGRAM FILES\COMMON FILES\EPSON\EBAPI\
ProcessID : 4294914223
Threads : 17
Priority : Normal
FileSize : 110 KB
FileVersion : 1, 0, 0, 0
ProductVersion : 1, 0, 0, 0
Copyright : Copyright (C) SEIKO EPSON CORP. 2000
CompanyName : SEIKO EPSON CORPORATION
FileDescription : EPSON Printer Status Agent
InternalName : SAgent2
OriginalFilename : SAgent2.exe
ProductName : EPSON Bidirectional Printer
Created on : 15/07/01 14:38:24
Last accessed : 12/07/04 23:00:00
Last modified : 22/06/00

#:6 [mstask.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294876139
Threads : 2
Priority : Normal
FileSize : 109 KB
FileVersion : 4.71.1972.1
ProductVersion : 4.71.1972.1
Copyright : Copyright (C) Microsoft Corp. 2000
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
OriginalFilename : mstask.exe
ProductName : Microsoft
Created on : 18/06/01 11:33:20
Last accessed : 12/07/04 23:00:00
Last modified : 18/06/01 11:33:20

#:7 [ssdpsrv.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294874851
Threads : 5
Priority : Normal
FileSize : 55 KB
FileVersion : 4.90.3003.0
ProductVersion : 4.90.3003.0
Copyright : Copyright (C) Microsoft Corp. 1981-2000
CompanyName : Microsoft Corporation
FileDescription : SSDP Service on Windows Millennium
InternalName : ssdpsrv.exe
OriginalFilename : ssdpsrv.exe
ProductName : Microsoft(R) Windows(R) Millennium Operating System
Created on : 26/02/04 19:39:37
Last accessed : 12/07/04 23:00:00
Last modified : 25/03/02 18:51:04

#:8 [rpcss.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294854291
Threads : 5
Priority : Normal
FileSize : 20 KB
FileVersion : 4.71.2900
ProductVersion : 4.71.2900
Copyright : Copyright (C) Microsoft Corp. 1981-1998
CompanyName : Microsoft Corporation
FileDescription : Distributed COM Services
InternalName : rpcss.exe
OriginalFilename : rpcss.exe
ProductName : Microsoft(R) Windows NT(TM) Operating System
Created on : 08/01/01 20:38:31
Last accessed : 12/07/04 23:00:00
Last modified : 23/04/99 21:22:00

#:9 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 4294822451
Threads : 17
Priority : Normal
FileSize : 176 KB
FileVersion : 4.72.3110.1
ProductVersion : 4.72.3110.1
Copyright : Copyright (C) Microsoft Corp. 1981-1997
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft(R) Windows NT(R) Operating System
Created on : 08/01/01 20:38:26
Last accessed : 12/07/04 23:00:00
Last modified : 23/04/99 21:22:00

#:10 [taskmon.exe]
FilePath : C:\WINDOWS\
ProcessID : 4294800983
Threads : 1
Priority : Normal
FileSize : 28 KB
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
Copyright : Copyright (C) Microsoft Corp. 1998
CompanyName : Microsoft Corporation
FileDescription : Task Monitor
InternalName : TaskMon
OriginalFilename : TASKMON.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 08/01/01 20:40:57
Last accessed : 12/07/04 23:00:00
Last modified : 23/04/99 21:22:00

#:11 [systray.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294798771
Threads : 2
Priority : Normal
FileSize : 32 KB
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
Copyright : Copyright (C) Microsoft Corp. 1993-1998
CompanyName : Microsoft Corporation
FileDescription : System Tray Applet
InternalName : SYSTRAY
OriginalFilename : SYSTRAY.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 08/01/01 20:40:56
Last accessed : 12/07/04 23:00:00
Last modified : 23/04/99 21:22:00

#:12 [point32.exe]
FilePath : C:\PROGRAM FILES\MICROSOFT HARDWARE\MOUSE\
ProcessID : 4294747539
Threads : 1
Priority : Normal
FileSize : 64 KB
Created on : 17/05/00 10:50:02
Last accessed : 12/07/04 23:00:00
Last modified : 27/09/99 19:19:52

#:13 [navapw32.exe]
FilePath : C:\PROGRAM FILES\NORTON ANTIVIRUS\
ProcessID : 4294708155
Threads : 6
Priority : Normal
FileSize : 48 KB
FileVersion : 6.10.20.28
ProductVersion : 6.10.20.28
Copyright : Copyright (C) Symantec Corporation 1991-2000
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Agent
InternalName : NAVAPW32
OriginalFilename : NAVAPW32.DLL
ProductName : Norton AntiVirus
Created on : 10/05/00 00:14:56
Last accessed : 12/07/04 23:00:00
Last modified : 09/05/00 05:00:00

#:14 [stimon.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294706903
Threads : 3
Priority : Normal
FileSize : 112 KB
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
Copyright : Copyright (C) Microsoft Corp. 1996-1998
CompanyName : Microsoft Corporation
FileDescription : Still Image Devices Monitor
InternalName : STIMON
OriginalFilename : STIMON.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 08/01/01 20:40:56
Last accessed : 12/07/04 23:00:00
Last modified : 23/04/99 21:22:00

#:15 [directcd.exe]
FilePath : C:\PROGRAM FILES\ADAPTEC\EASY CD CREATOR 5\DIRECTCD\
ProcessID : 4294708423
Threads : 1
Priority : Normal
FileSize : 628 KB
FileVersion : 5.01 (153)
ProductVersion : 5.01 (153)
Copyright : Copyright
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
OriginalFilename : Directcd.exe
ProductName : DirectCD
Created on : 09/05/01 09:17:12
Last accessed : 12/07/04 23:00:00
Last modified : 09/05/01 09:17:12

#:16 [loadqm.exe]
FilePath : C:\WINDOWS\
ProcessID : 4294718791
Threads : 3
Priority : Normal
FileSize : 7 KB
FileVersion : 5.4.1103.3
ProductVersion : 5.4.1103.3
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Microsoft QMgr
InternalName : LOADQM.EXE
OriginalFilename : LOADQM.EXE
ProductName : QMgr Loader
Created on : 22/05/03 06:07:33
Last accessed : 12/07/04 23:00:00
Last modified : 03/05/00 16:23:10

#:17 [disk_monitor.exe]
FilePath : C:\PROGRAM FILES\GENERIC\USB CARD READER DRIVER V1.7\
ProcessID : 4294737491
Threads : 1
Priority : Normal
FileSize : 422 KB
FileVersion : 1.4.610.1
ProductVersion : 1.4.0610.1
Copyright : Copyright (C) Neodio Corp. 2001
CompanyName : Neodio Corp.
FileDescription : Disk Monitor
InternalName : Disk Monitor
OriginalFilename : Disk_Monitor.exe
ProductName : Disk Monitor
Created on : 13/06/02 09:34:04
Last accessed : 12/07/04 23:00:00
Last modified : 13/06/02 09:34:06

#:18 [umsd.exe]
FilePath : C:\PROGRAM FILES\UMSD TOOLS2.33\
ProcessID : 4294674539
Threads : 1
Priority : Normal
FileSize : 228 KB
FileVersion : 2, 3, 3, 2
ProductVersion : 2, 3, 3, 2
Copyright : Copyright c 2002
FileDescription : UMSD
InternalName : UMSD
OriginalFilename : UMSD.exe
ProductName : UMSD
Created on : 20/12/03 16:50:50
Last accessed : 12/07/04 23:00:00
Last modified : 23/09/02 08:16:46

#:19 [rundll32.exe]
FilePath : C:\WINDOWS\
ProcessID : 4294680691
Threads : 5
Priority : Normal
FileSize : 24 KB
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
Copyright : Copyright (C) Microsoft Corp. 1991-1998
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
OriginalFilename : RUNDLL.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 08/01/01 20:40:55
Last accessed : 12/07/04 23:00:00
Last modified : 23/04/99 21:22:00

#:20 [upd.exe]
FilePath : C:\PROGRAM FILES\COMMON FILES\TOTEM SHARED\UNINSTALL0002\
ProcessID : 4294695955
Threads : 2
Priority : Normal
FileSize : 56 KB
Created on : 15/03/04 13:31:12
Last accessed : 12/07/04 23:00:00
Last modified : 15/03/04 13:31:14

#:21 [winampa.exe]
FilePath : C:\PROGRAM FILES\WINAMP\
ProcessID : 4294797199
Threads : 1
Priority : Normal
FileSize : 33 KB
Created on : 12/12/03 23:50:34
Last accessed : 12/07/04 23:00:00
Last modified : 12/12/03 23:50:34

#:22 [realsched.exe]
FilePath : C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\
ProcessID : 4294678587
Threads : 2
Priority : Normal
FileSize : 176 KB
FileVersion : 0.1.0.3018
ProductVersion : 0.1.0.3018
Copyright : Copyright
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
OriginalFilename : realsched.exe
ProductName : RealPlayer (32-bit)
Created on : 12/04/04 18:40:50
Last accessed : 12/07/04 23:00:00
Last modified : 12/04/04 18:40:52

#:23 [ssvr.exe]
FilePath : C:\WINDOWS\
ProcessID : 4294662255
Threads : 3
Priority : Normal
FileSize : 30 KB
Created on : 24/06/04 16:52:44
Last accessed : 12/07/04 23:00:00
Last modified : 24/06/04 16:52:44

#:24 [popupkiller.exe]
FilePath : C:\PROGRAM FILES\POPUP KILLER\
ProcessID : 4294665147
Threads : 2
Priority : Normal
FileSize : 103 KB
Copyright : mpa
Created on : 24/09/99 14:32:00
Last accessed : 12/07/04 23:00:00
Last modified : 19/10/01 03:22:14

#:25 [dsb.exe]
FilePath : C:\PROGRAM FILES\DSB\
ProcessID : 4294610963
Threads : 6
Priority : Normal
FileSize : 23 KB
Created on : 04/06/98 23:00:00
Last accessed : 12/07/04 23:00:00
Last modified : 04/06/98 23:00:00

#:26 [a2guard.exe]
FilePath : C:\PROGRAM FILES\A2\
ProcessID : 4294607387
Threads : 2
Priority : Normal
FileSize : 608 KB
Created on : 13/12/03 15:01:19
Last accessed : 12/07/04 23:00:00
Last modified : 13/12/03 15:01:20

#:27 [spool32.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294553887
Threads : 2
Priority : Normal
FileSize : 44 KB
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
Copyright : Copyright (C) Microsoft Corp. 1994 - 1998
CompanyName : Microsoft Corporation
FileDescription : Spooler Sub System Process
InternalName : spool32
OriginalFilename : spool32.exe
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 08/01/01 20:40:56
Last accessed : 12/07/04 23:00:00
Last modified : 23/04/99 21:22:00

#:28 [msoffice.exe]
FilePath : C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\1033\
ProcessID : 4294513119
Threads : 2
Priority : Normal
FileSize : 396 KB
FileVersion : 9.0.2601
ProductVersion : 9.0.2601
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Microsoft Office 2000 component
InternalName : MSOFFICE
OriginalFilename : MSOFFICE.EXE
ProductName : Microsoft Office 2000
Created on : 01/02/99 14:53:24
Last accessed : 12/07/04 23:00:00
Last modified : 01/02/99 14:53:24

#:29 [wmiexe.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294568531
Threads : 3
Priority : Normal
FileSize : 16 KB
FileVersion : 5.00.1755.1
ProductVersion : 5.00.1755.1
Copyright : Copyright (C) Microsoft Corp. 1981-1998
CompanyName : Microsoft Corporation
FileDescription : WMI service exe housing
InternalName : wmiexe
OriginalFilename : wmiexe.exe
ProductName : Microsoft(R) Windows NT(R) Operating System
Created on : 08/01/01 20:40:59
Last accessed : 12/07/04 23:00:00
Last modified : 23/04/99 21:22:00

#:30 [msnmsgr.exe]
FilePath : C:\PROGRAM FILES\MSN MESSENGER\
ProcessID : 4293198551
Threads : 19
Priority : Normal
FileSize : 4768 KB
FileVersion : 6.2.0137
ProductVersion : Version 6.2
Copyright : Copyright (c) Microsoft Corporation 1997-2004
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
OriginalFilename : msnmsgr.exe
ProductName : MSN Messenger
Created on : 28/05/04 14:22:04
Last accessed : 12/07/04 23:00:00
Last modified : 28/05/04 14:22:04

#:31 [ddhelp.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293130171
Threads : 2
Priority : Realtime
FileSize : 31 KB
FileVersion : 4.08.01.0881
ProductVersion : 4.08.01.0881
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Microsoft DirectX Helper
InternalName : DDHelp.exe
OriginalFilename : DDHelp.exe
ProductName : Microsoft
Created on : 30/10/01 07:10:00
Last accessed : 12/07/04 23:00:00
Last modified : 30/10/01 07:10:00

#:32 [ad-aware.exe]
FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\
ProcessID : 4293205575
Threads : 4
Priority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 28/01/04 08:18:43
Last accessed : 12/07/04 23:00:00
Last modified : 12/07/03 21:00:20

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0

Tracking Cookie Object recognized!
Type : File
Data : terry crew@promo.match[2].txt
Category : Data Miner
Comment :
Object : C:\WINDOWS\Cookies\

Created on : 13/07/04 07:54:39
Last accessed : 12/07/04 23:00:00
Last modified : 13/07/04 07:54:40



Disk scan result for C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 1


Scanning Hosts file(C:\WINDOWS\hosts)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Hosts file scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
0 entries scanned.
New objects :0
Objects found so far: 1




Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 1


10:22:18 Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:23:48:610
Objects scanned :111039
Objects identified :1
Objects ignored :0
New objects :1

 

Hi micas28,

Yes, we will need a Hijackthis log. Make sure you are using the most recent version: Hijackthis 1.98.0-hotfix.

Create a permanent folder on your C: drive (example: C:\HJT\ ) and unzip the HijackThis.exe into the permanent folder. HijackThis must run from it's own folder and not the Desktop or Temp folders. It creates backups in the folder it is ran from, so if you should delete something you needed, you will be able to restore it from the backups.

Copy and paste the log here in your next reply and someone will review it as soon as possible.

Regards,

snap

 

HJT Log as requested.

Logfile of HijackThis v1.98.0
Scan saved at 14:47:10, on 19/07/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\EPSON\EBAPI\SAGENT2.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\MOUSE\POINT32.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\ADAPTEC\EASY CD CREATOR 5\DIRECTCD\DIRECTCD.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\GENERIC\USB CARD READER DRIVER V1.7\DISK_MONITOR.EXE
C:\PROGRAM FILES\UMSD TOOLS2.33\UMSD.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\MSOCFG.EXE
C:\PROGRAM FILES\A2\A2GUARD.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\1033\MSOFFICE.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\ANALSEX.EXE
C:\WINDOWS\TEMP\SVCHORS.EXE
C:\DATA\VIRUS AND SPYWARE\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pureseeker.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by BTopenworld
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [Disk Monitor] C:\Program Files\Generic\USB Card Reader Driver v1.7\Disk_Monitor.exe
O4 - HKLM\..\Run: [PLoader] c:\program files\umsd tools2.33\umsd.exe sys_auto_run C:\PROGRAM FILES\UMSD TOOLS2.33
O4 - HKLM\..\Run: [ICSDCLT] C:\WINDOWS\rundll32.exe C:\WINDOWS\SYSTEM\icsdclt.dll,ICSClient
O4 - HKLM\..\Run: [DiskMonitor] C:\\Disk_Monitor.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PopUpKiller] C:\PROGRAM FILES\POPUP KILLER\POPUPKILLER.EXE
O4 - HKLM\..\Run: [SchedulerMgr] C:\WINDOWS\msocfg.exe /i
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SAgent2ExePath] C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKCU\..\Run: [a²] "C:\PROGRAM FILES\A2\a2guard.exe"
O4 - Startup: Microsoft Office Fast Start.lnk = C:\MSOffice\Office\FASTBOOT.EXE
O4 - Startup: Microsoft Office Shortcut Bar.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM\E_SRCV02.EXE
O4 - User Startup: Microsoft Office Fast Start.lnk = C:\MSOffice\Office\FASTBOOT.EXE
O4 - User Startup: Microsoft Office Shortcut Bar.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - User Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM\E_SRCV02.EXE
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O16 - DPF: {7944C497-34C7-11D3-B09C-00C04F612FF1} - http://chat.msn.co.uk/bin/msnchat.cab
O16 - DPF: {81361155-FAF9-11D3-B0D3-00C04F612FF1} - http://fdl.msn.com/public/chat/en-gb/msnchat3.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://cs6.chat.yahoo.com/v/yacscom.cab
O16 - DPF: {E98B87EE-3FCB-11D3-8A62-00C0F03C3792} (FTWL Class) - http://download1.firetalk.com/FireTalk/MFT_Test/FTWebLauncher.cab
O16 - DPF: SMapplet - https://www.nwolb.co.uk/nwol/rbs_html/classes/SMapplet.cab
O16 - DPF: {F7DC2A2E-FC34-11D3-B1D9-00A0C99B41BB} - http://www.zoomify.com/download/zoomify214.cab
O16 - DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} - https://register.btopenworld.com/templates/btwebcontrol.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/yiebio5_1_5_0.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {C56CE781-A6FC-4706-8B32-6EB4622155DF} (MediaConnect Control) - http://plugin.euro-infomedia.com/mpv0.cab
O16 - DPF: {EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1} - http://akamai.downloadv3.com/binaries/IA/netpe32_EN.cab
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = BAYFORD

 

Hi micas28,

I see you have posted a AdAware log and Hijackthis log at the Lavasoft forum and presently being assisted there: http://www.lavasoftsupport.com/index.php?showtopic=36807

Please follow up with your thread at Lavasoft. If you have any other questions afterwards, you can post back here for assistance.

Regards,

snap