Hi. First of all you need to update hijackthis to version 1.98.2. Run hijackthis & go to *Config\Misc Tools\Check for update on-line*. If the site is down, go here. Remove the old version by deleting the file manually. Unzip the new version into the hijackthis folder.

Go here for an on-line scan & set it to autoclean for you.

Try this scan as well.

Reboot and post a new log from the updated hijackthis.

Hi crunchie,

I have carried out your recommendations to scan my pc through the first link that you have provided. The second link has a little error loading.

Through the online virus scan, 8 infected files were detected, of which 3 files could not be deleted as they were in use. These are:
1)TROJ AGENT.BN C:\Program Files\WindUpdates\Comm.dll
2)TROJ AGENT.BN C:\Program Files\WindUpdates\WinKA.exe
3)TROJ AGENT.BF C:\Program Files\WindUpdates\WinUpdt.exe

Below is my new HijackThis log:

Logfile of HijackThis v1.98.2
Scan saved at 1:02:50 AM, on 8/20/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\WINDOWS\System32\cmsrg.exe
C:\WINDOWS\System32\aypqzg.exe
C:\WINDOWS\System32\MSlti32.exe
C:\WINDOWS\System32\svspack2.exe
C:\WINDOWS\System32\sysprx.exe
C:\WINDOWS\System32\quicktime.exe
C:\Program Files\WindUpdates\WinUpdt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\twzn.exe
C:\Program Files\WindUpdates\WinKA.exe
C:\WINDOWS\Screen Scapes Task.exe
C:\Documents and Settings\Alan\My Documents\Miscellaneous\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {1AAD655E-B667-52CA-8250-125508AD2D6D} - C:\WINDOWS\System32\jpgut.dll
O2 - BHO: brdg Class - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\Downloaded Program Files\bridge.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [zzzCamInSuiteIII] E:\SETUP.EXE 246***
O4 - HKLM\..\Run: [iyus] C:\WINDOWS\System32\iyus\dledhakc.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [Microsoft System32 Update] cmsrg.exe
O4 - HKLM\..\Run: [Microsoft Update Loader] aypqzg.exe
O4 - HKLM\..\Run: [Microsoft Update] MSlti32.exe
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\Downloaded Program Files\bridge.dll",Load
O4 - HKLM\..\Run: [svspack2.exe] svspack2.exe
O4 - HKLM\..\Run: [WindowsRegKey update] sysprx.exe
O4 - HKLM\..\Run: [ioroxxo microsoft sux] quicktime.exe
O4 - HKLM\..\Run: [WindUpdates] C:\Program Files\WindUpdates\WinUpdt.exe
O4 - HKLM\..\RunServices: [Microsoft System32 Update] cmsrg.exe
O4 - HKLM\..\RunServices: [Microsoft Update Loader] aypqzg.exe
O4 - HKLM\..\RunServices: [Microsoft Update] MSlti32.exe
O4 - HKLM\..\RunServices: [svspack2.exe] svspack2.exe
O4 - HKLM\..\RunServices: [WindowsRegKey update] sysprx.exe
O4 - HKLM\..\RunServices: [ioroxxo microsoft sux] quicktime.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SVX Control Service] svxhost.exe
O4 - HKCU\..\Run: [Microsoft Update Loader] aypqzg.exe
O4 - HKCU\..\Run: [Microsoft Update] MSlti32.exe
O4 - HKCU\..\Run: [Drnsuzym] C:\WINDOWS\System32\twzn.exe
O4 - HKCU\..\Run: [svspack2.exe] svspack2.exe
O4 - HKCU\..\Run: [ioroxxo microsoft sux] quicktime.exe
O4 - Startup: Screen Scapes Task.lnk = C:\WINDOWS\Screen Scapes Task.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Short Message - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm?pid=U_66036_5402 (file missing)
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://free.aol.com
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_fi...6f4329c216c9b6
O16 - DPF: {3D20DB72-57B1-4564-BDFA-2581337B7446} (Mganiser Control) - http://www.moreatonce.com/atx/mganiser.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} (brdg Class) - http://static.flingstone.com/cab/200...Inc/bridge.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.comp...bio5_1_6_0.cab
O16 - DPF: {FF0C042C-98E9-4C36-B2EC-E21FDFDCEF75} - http://download.redswoosh.com/Installer/rsinstaller.cab


Please advise. Thank you.

Have you run full anti-virus, Ad Aware, and Spybot scans yet using the most current updates to those programs? If not, please do so and then post a fresh log. Links to Ad Aware and Spybot are in my sig below, and instructions on using those utilities are posted in many of the other threads here; please read and follow those instructions befre scanning.

Dear experts,

I have carried out thorough anti-virus, Adaware and Spybot scans with the latest updates to each program.

Here's my latest HijackThis log:

Logfile of HijackThis v1.98.2
Scan saved at 6:35:46 PM, on 8/20/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\WINDOWS\System32\cmsrg.exe
C:\WINDOWS\System32\aypqzg.exe
C:\WINDOWS\System32\MSlti32.exe
C:\WINDOWS\System32\svspack2.exe
C:\WINDOWS\System32\quicktime.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\twzn.exe
C:\WINDOWS\Screen Scapes Task.exe
C:\Documents and Settings\Alan\My Documents\Miscellaneous\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {1AAD655E-B667-52CA-8250-125508AD2D6D} - C:\WINDOWS\System32\jpgut.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [zzzCamInSuiteIII] E:\SETUP.EXE 246***
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [Microsoft System32 Update] cmsrg.exe
O4 - HKLM\..\Run: [Microsoft Update Loader] aypqzg.exe
O4 - HKLM\..\Run: [Microsoft Update] MSlti32.exe
O4 - HKLM\..\Run: [svspack2.exe] svspack2.exe
O4 - HKLM\..\Run: [WindowsRegKey update] sysprx.exe
O4 - HKLM\..\Run: [ioroxxo microsoft sux] quicktime.exe
O4 - HKLM\..\RunServices: [Microsoft System32 Update] cmsrg.exe
O4 - HKLM\..\RunServices: [Microsoft Update Loader] aypqzg.exe
O4 - HKLM\..\RunServices: [Microsoft Update] MSlti32.exe
O4 - HKLM\..\RunServices: [svspack2.exe] svspack2.exe
O4 - HKLM\..\RunServices: [WindowsRegKey update] sysprx.exe
O4 - HKLM\..\RunServices: [ioroxxo microsoft sux] quicktime.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SVX Control Service] svxhost.exe
O4 - HKCU\..\Run: [Microsoft Update Loader] aypqzg.exe
O4 - HKCU\..\Run: [Microsoft Update] MSlti32.exe
O4 - HKCU\..\Run: [Drnsuzym] C:\WINDOWS\System32\twzn.exe
O4 - HKCU\..\Run: [svspack2.exe] svspack2.exe
O4 - HKCU\..\Run: [ioroxxo microsoft sux] quicktime.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Screen Scapes Task.lnk = C:\WINDOWS\Screen Scapes Task.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Short Message - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm?pid=U_66036_5402 (file missing)
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://free.aol.com
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_fi...6f4329c216c9b6
O16 - DPF: {3D20DB72-57B1-4564-BDFA-2581337B7446} (Mganiser Control) - http://www.moreatonce.com/atx/mganiser.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.comp...bio5_1_6_0.cab

Please advise. Thank you.

Okay, let's go!!

Close all (browser) windows & rescan with hijackthis. When the scan is finished place a check in the box to the left of the following entries & click 'fix checked':

O2 - BHO: (no name) - {1AAD655E-B667-52CA-8250-125508AD2D6D} - C:\WINDOWS\System32\jpgut.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)

O4 - HKLM\..\Run: [Microsoft System32 Update] cmsrg.exe
O4 - HKLM\..\Run: [Microsoft Update Loader] aypqzg.exe
O4 - HKLM\..\Run: [Microsoft Update] MSlti32.exe
O4 - HKLM\..\Run: [svspack2.exe] svspack2.exe
O4 - HKLM\..\Run: [WindowsRegKey update] sysprx.exe
O4 - HKLM\..\Run: [ioroxxo microsoft sux] quicktime.exe
O4 - HKLM\..\RunServices: [Microsoft System32 Update] cmsrg.exe
O4 - HKLM\..\RunServices: [Microsoft Update Loader] aypqzg.exe
O4 - HKLM\..\RunServices: [Microsoft Update] MSlti32.exe
O4 - HKLM\..\RunServices: [svspack2.exe] svspack2.exe
O4 - HKLM\..\RunServices: [WindowsRegKey update] sysprx.exe
O4 - HKLM\..\RunServices: [ioroxxo microsoft sux] quicktime.exe
O4 - HKCU\..\Run: [SVX Control Service] svxhost.exe
O4 - HKCU\..\Run: [Microsoft Update Loader] aypqzg.exe
O4 - HKCU\..\Run: [Microsoft Update] MSlti32.exe
O4 - HKCU\..\Run: [Drnsuzym] C:\WINDOWS\System32\twzn.exe
O4 - HKCU\..\Run: [svspack2.exe] svspack2.exe
O4 - HKCU\..\Run: [ioroxxo microsoft sux] quicktime.exe

O9 - Extra button: Short Message - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm?pid=U_66036_5402 (file missing)

O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_f...96f4329c216c9b6
-Blazefind Windupdates Adware

Reboot into safe mode following the instructions here & navigate to & delete the following if found:

C:\WINDOWS\System32\twzn.exe-file

Run a search for all those other 04 entries listed above & delete them too. They will likely be in either the Windows folder or the system32 folder.

I cannot find any reference to the following:
O4 - HKLM\..\Run: [zzzCamInSuiteIII] E:\SETUP.EXE 246***
Do you know what it is?

Reboot normally after doing the above then with all browser windows closed, scan with hijackthis and post a fresh log please.

TLVenus,

We ask that members not tag their questions on to a thread previously started by another member (regardless of how similar your problem might seem). Not only does it divert the focus of the thread away from the original poster's problem, but it also makes it less likely that you yourself will get the individual attention that you need.

I've split your post here into it own thread, which is at the following location:

http://www.daniweb.com/techtalkforum...ead.php?t=9651


For a full description of our posting guidelines and general rules of conduct, please see this page:

http://www.daniweb.com/techtalkforu...b_faq#faq_rules

Thanks.

Ignore my above post; I see you've already started a fresh thread of your own- thanks.

(I've deleted the post that I split from here, as it is now redundant)

Hi crunchie,

I have carried out all your recommendations. Please advise on the latest HijackThis log.

The following, as far as I can remember, belongs to either my scanner or handphone software. I did not fix/delete it.
04 - HKLM\..\Run:[zzzCamInSuiteIII] E:\SETUP.EXE 246***

All the 04 entries, except for twzn.exe, could not be found in my harddisk drives.

Here's my fresh HijackThis log:

Logfile of HijackThis v1.98.2
Scan saved at 12:51:08 AM, on 8/23/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\WINDOWS\System32\svspack2.exe
C:\WINDOWS\System32\quicktime.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\Screen Scapes Task.exe
C:\Documents and Settings\Alan\My Documents\Miscellaneous\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [zzzCamInSuiteIII] E:\SETUP.EXE 246***
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [svspack2.exe] svspack2.exe
O4 - HKLM\..\Run: [ioroxxo microsoft sux] quicktime.exe
O4 - HKLM\..\RunServices: [svspack2.exe] svspack2.exe
O4 - HKLM\..\RunServices: [ioroxxo microsoft sux] quicktime.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [svspack2.exe] svspack2.exe
O4 - HKCU\..\Run: [ioroxxo microsoft sux] quicktime.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Screen Scapes Task.lnk = C:\WINDOWS\Screen Scapes Task.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://free.aol.com
O16 - DPF: {3D20DB72-57B1-4564-BDFA-2581337B7446} (Mganiser Control) - http://www.moreatonce.com/atx/mganiser.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.comp...bio5_1_6_0.cab


Looking forward to your further instructions. Thank you.

Do you have QuickTime installed on your computer & if so, was it running at the time of your scan?
Also, do you know what the following is?
C:\WINDOWS\Screen Scapes Task.exe
Please go here and have these files scanned.
C:\WINDOWS\System32\quicktime.exe
C:\WINDOWS\System32\svspack2.exe