Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: MSVPS System - {2C014816-5BD4-4166-85EA-62FE05E517C3} - C:\WINDOWS\sconf32.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1178753474374
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.putfile.com/includes/ImageUploader4-5.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{032DAB44-7B6C-4EA9-9B34-D5E9A222DF33}: NameServer = 85.255.113.134,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{22848D25-9E32-4BFB-83F8-420A66DA16E2}: NameServer = 85.255.113.134,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{309BDC10-810D-4960-8288-D5AA45039835}: NameServer = 85.255.113.134,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B96078C-9275-4BF9-B59B-DFDB87CEE087}: NameServer = 85.255.113.134,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{602211CD-9D9C-4AD4-B49C-02C540DAD2A9}: NameServer = 85.255.113.134,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{79A8B018-C65D-4B69-9967-7ED639C60103}: NameServer = 85.255.113.134,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{A22AF7CF-F00E-433A-A9AB-D851EF9569E3}: NameServer = 85.255.113.134,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC74D6F9-5473-4473-BDB3-2924D3E2633B}: NameServer = 85.255.113.134,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{BEB3EF2E-4477-42CC-9D10-2D39E6F4FABA}: NameServer = 85.255.113.134,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{C6EA8D15-4FC5-4A2A-8E87-F33C971B348B}: NameServer = 85.255.113.134,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{DE1153E1-F3EB-4903-A693-0C9BB12F8EFB}: NameServer = 85.255.113.134,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{EB5ABA37-21D7-4F3B-AADD-78B2CF00B8C4}: NameServer = 85.255.113.134,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC265B48-FC07-4FE7-9EE6-0D5091E30F63}: NameServer = 85.255.113.134,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{FA2F25CD-6A82-4EC3-8F58-69E1B2E5E74D}: NameServer = 85.255.113.134,85.255.112.153
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.134 85.255.112.153
O17 - HKLM\System\CS1\Services\Tcpip\..\{032DAB44-7B6C-4EA9-9B34-D5E9A222DF33}: NameServer = 85.255.113.134,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.134 85.255.112.153
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: wmplayer - {14D6B73B-4A39-4760-8096-6A1818F3B33C} - C:\WINDOWS\wmplayer.dll
O21 - SSODL: wmsound - {90D95BE3-FA28-4F36-BDF3-8605855CDB59} - C:\WINDOWS\wmsound.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

 

 

 

It looks like You have/had a wareout infection -

 

---

 

 

It was wareout infection there disappeared. However, there are more infections We need to remove.

 

 

 

 

---

I think You should consider installing a antivirus program when We are done, as You have a smitfraud infection as well

 

 

 

I recommend AVG -

 

1.      Download AVG Anti-Virus Free Edition

---

 

Also, I use ad-aware to scane my computer periodically. Is this necessary, now that I have AVG to scan it?

Your help was outstanding.
Thanks,
-Ibanez

Post Edited (Ibanez) : 23-07-2007 05:51:40 GMT

You have give Me an award - "Your help was outstanding"  That´s enough for Me

I suggest You continue with  ad-aware, as AVG "only" check for virus

I use BG My self, no slowness, beside You can mail or chat with BG team directly if You have any problems.