HJT Log attached, Please help?

defently some nastie stuff in the log ,likely came along with your install of msn messenger plus program .
I sugges a run of spybot ,then post a new hjt log .
http://fileforum.betanews.com/detail/Spybot_Search_and_Destroy/1043809773/1

Heres the hjt log after the Spyboy- S&D scan
thanks

Logfile of HijackThis v1.99.1
Scan saved at 10:21:25 AM, on 29/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Vypress Chat\VyChat.exe
C:\WINDOWS\system32\wpabaln.exe
C:\Program Files\HJT\CheckThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINDOWS\system32\hoxrwbgf.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5A3E97DD-2A08-48BC-8F43-C0DEABC90266} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {873D6182-28AF-48AF-9955-2F831FFB0ACC} - C:\WINDOWS\inf\lpaypm3.dll
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - C:\WINDOWS\system32\ixt0.dll (file missing)
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Ad-watch] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - Startup: Ad-watch 3.0.lnk = C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware, Ad-watch.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: Vypress Chat StartUp.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121245685433
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{413F521F-BB9D-4A4B-A6EA-EA9B80B1A027}: NameServer = 210.15.254.240,210.15.254.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD956B78-F2F9-44EE-9F97-B849BFB93BFC}: NameServer = 210.15.254.240,210.15.254.241
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\WINDOWS\system32\smss.dll C:\WINDOWS\system32\explorer.dll
O20 - Winlogon Notify: ddccdca - ddccdca.dll (file missing)
O20 - Winlogon Notify: lpaypm3 - C:\WINDOWS\inf\lpaypm3.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winerj32 - winerj32.dll (file missing)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Download trojan hunter trial run and post new log
http://www.misec.net/

Then run hijackthis again and fix any of the item below if they still exist.

R3 - Default URLSearchHook is missing

O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} -

C:\WINDOWS\system32\hoxrwbgf.dll

O2 - BHO: (no name) - {5A3E97DD-2A08-48BC-8F43-C0DEABC90266} - (no file)

O2 - BHO: (no name) - {873D6182-28AF-48AF-9955-2F831FFB0ACC} -

C:\WINDOWS\inf\lpaypm3.dll

O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - C:\WINDOWS\system32\ixt0.dll

(file missing)

Is this a site you want to be in the trusted zone.,If you ever see any domains or IP addresses listed here

you should generally remove it unless it is a recognizable URL such as one you use.

O15 - Trusted Zone: http://locator.cdn.imageservr.com

O20 - AppInit_DLLs: C:\WINDOWS\system32\smss.dll C:\WINDOWS\system32\explorer.dll

O20 - Winlogon Notify: ddccdca - ddccdca.dll (file missing)
O20 - Winlogon Notify: lpaypm3 - C:\WINDOWS\inf\lpaypm3.dll
O20 - Winlogon Notify: winerj32 - winerj32.dll (file missing)

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil

Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil

Software\Avast4\ashWebSv.exe" /service (file missing)

I downloaded the TrojanHunter,,, installed it but was unable to run a full scan before my computer reset itself.

The resseting is becomming out of control,,, When i turn my computer on it *sometimes* gets all the way into windows but when i go to do sumthing it resets. And from this point it keeps resetting and im lucky if i can get back into windows...

Also sometimes it starts and the resolution is apauling,,, The only option in the setting for this is 800x600 on 16 bit...
I dont understand...
I started it in safemode aswell and it still reset on me,,, Does this mean the problem could be hardware?

I wasnt sure whether to skip the trojanhunter step for now and try and do the fixes in the hijack log first see if it makes a differnce.

Thanks for your time

sure, do the hijackthis fixes now ,

i was able to run hijack this again,,, I fixed all the above you asked,,,
Atm, it is saying that windows needs to be activated before i can log in...
It keeps resseting on me now,,, at the loding windows screen,, were the 3 blue sqaure move along the loading bar... 95% of the time i am unable to pass that point.
If i do pass it i cant do anything as it wont log into windows unless i reactive.

i was able to run hijack this again,,, I fixed all the above you asked,,,
Atm, it is saying that windows needs to be activated before i can log in...
It keeps resseting on me now,,, at the loding windows screen,, were the 3 blue sqaure move along the loading bar... 95% of the time i am unable to pass that point.
If i do pass it i cant do anything as it wont log into windows unless i reactive.

Really ,don't see anything that i had you remove to cause that ,
I seen that just reciently and forget how i got past it .can you click on anything to to get to activate it .I remember click on something!! think think .is ther a like to phone the activation !!

can yo uget to safe mode ,hitting f8 on bootup ,if yes run hijack this ,go to config/backups ,check off all you removed and click restore

As this was my mums bussness computer and it was needing to be up and running asap i ended up buying another Hard drive. I was in the middle of reinstalling windows and the computer reset on me just as it had before.

This really pissed me off as i just bought a new Hard Drive and now it looks to be a Hardware issue.

I Ripped the whole thing apart to suss out the hardware and noticed a resistor in the power suply that had a burnt look to it. I went out and bout a new case with power supply and ran the new hard drive with the old motherbord and the thing still reset on me.

I swiched the ram from another computer (computer 2) into the one we have been working on (computer 1) and the ram from computer 1 into computer 2.

Computer 2 then camn up with alot of missing files and on occation resets randomly and was running fine before i swiched the ram.... and computer 1 hasnt reset yet and is running fine with the new hard drive and different ram....

Is it possable that the ram could of been causing this problem? And then transfered the problem to computer 2?

Sure sounds like it .