My computer is barely functioning at this point because it is constantly being bombarded with pop-up ads etc., has become extremely slow, and barely functions. I looked through this log myself but don't know enough to know which files should be deleted or "fixed". Thank you in advance for any advice you can provide
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:39:33 PM, on 2/23/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\RGF2aWRH\command.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\DOCUME~1\DavidG\LOCALS~1\Temp\winloggn.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEA.EXE
C:\Documents and Settings\DavidG\Application Data\gadcom\gadcom.exe
C:\Documents and Settings\DavidG\Application Data\Twain\Twain.exe
C:\Documents and Settings\DavidG\Application Data\SpeedRunner\SpeedRunner.exe
C:\Documents and Settings\DavidG\Application Data\Microsoft\Windows\vmqlae.exe
C:\Program Files\VnrPack\VnrPack25.exe
C:\Program Files\GetModule\GetModule37.exe
C:\PROGRA~1\COMMON~1\qkru\qkrum.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\COMMON~1\qkru\qkrua.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\DavidG\LOCALS~1\Temp\iyaux6vk36q.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customi ... ch/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customi ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?.home=ytie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customi ... .yahoo.com
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [prunnet] "C:\WINDOWS\system32\prunnet.exe"
O4 - HKLM\..\Run: [jsf8j34rgfght] C:\DOCUME~1\DavidG\LOCALS~1\Temp\winloggn.exe
O4 - HKLM\..\Run: [18487f41] rundll32.exe "C:\WINDOWS\system32\rulxydqa.dll",b
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus CX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEA.EXE /FU "C:\WINDOWS\TEMP\E_S20A.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [prunnet] "C:\WINDOWS\system32\prunnet.exe"
O4 - HKCU\..\Run: [gadcom] "C:\Documents and Settings\DavidG\Application Data\gadcom\gadcom.exe" 61A847B5BBF728173599284503996897C881250221C8670836AC4FA7C8833201749139
O4 - HKCU\..\Run: [jsf8j34rgfght] C:\DOCUME~1\DavidG\LOCALS~1\Temp\winloggn.exe
O4 - HKCU\..\Run: [Jnskdfmf9eldfd] C:\DOCUME~1\DavidG\LOCALS~1\Temp\csrssc.exe
O4 - HKCU\..\Run: [b4akx8xu932bfvinlolivhql5otnhcxe9o] C:\DOCUME~1\DavidG\LOCALS~1\Temp\ej4vxve51dbd.exe
O4 - HKCU\..\Run: [aygap9j40clcppqbbrojetd108] C:\DOCUME~1\DavidG\LOCALS~1\Temp\vpxdnzbgmp.exe
O4 - HKCU\..\Run: [Twain] C:\Documents and Settings\DavidG\Application Data\Twain\Twain.exe
O4 - HKCU\..\Run: [SpeedRunner] C:\Documents and Settings\DavidG\Application Data\SpeedRunner\SpeedRunner.exe
O4 - HKCU\..\Run: [SfKg6wIP] C:\Documents and Settings\DavidG\Application Data\Microsoft\Windows\vmqlae.exe
O4 - HKCU\..\Run: [gpnt4s0yirvgacibnwr] C:\DOCUME~1\DavidG\LOCALS~1\Temp\zmfvifaczd.exe
O4 - HKCU\..\Run: [qhjhv36n6mrgasf0] C:\DOCUME~1\DavidG\LOCALS~1\Temp\wdpq5cv7.exe
O4 - HKCU\..\Run: [VnrPack25] "C:\Program Files\VnrPack\VnrPack25.exe"
O4 - HKCU\..\Run: [GetModule37] C:\Program Files\GetModule\GetModule37.exe
O4 - HKCU\..\Run: [qkru] C:\PROGRA~1\COMMON~1\qkru\qkrum.exe
O4 - HKCU\..\Run: [iun7f5szw4v8syugx847s] C:\DOCUME~1\DavidG\LOCALS~1\Temp\kzxv5sl9.exe
O4 - HKCU\..\Run: [q0q20g2h1ctu3wgn7rszr40adimdlf] C:\DOCUME~1\DavidG\LOCALS~1\Temp\fao5e83824ml.exe
O4 - HKCU\..\Run: [jsim2ns4i6jobojgam3y3n7bflkzahwgvfo1qg2zuh] C:\DOCUME~1\DavidG\LOCALS~1\Temp\byjponkjw.exe
O4 - HKCU\..\Run: [w6lh32myzstx] C:\DOCUME~1\DavidG\LOCALS~1\Temp\lu6jzxq.exe
O4 - HKCU\..\Run: [qi7dwvsqukhgg0vab2f] C:\DOCUME~1\DavidG\LOCALS~1\Temp\b2y435p.exe
O4 - HKCU\..\Run: [ffix4zmc0ww6p9i8nizf5imn6cmcundjt95qez9f7] C:\DOCUME~1\DavidG\LOCALS~1\Temp\mofhmcm.exe
O4 - HKCU\..\Run: [jmwxr4ll6tuqh5wf6i357erf4sxdb2skw3ndewonev] C:\DOCUME~1\DavidG\LOCALS~1\Temp\i6gaurhwbqi.exe
O4 - HKCU\..\Run: [f9n70m44jghx5xraiodknyupbl56ev2gdpp0mvy9po2nbd] C:\DOCUME~1\DavidG\LOCALS~1\Temp\nprn2253d.exe
O4 - HKCU\..\Run: [yrgsmp26yzbu7fa48oa1829nc9jbj5caffe7m1e37tfjc5] C:\DOCUME~1\DavidG\LOCALS~1\Temp\fx20ect6du.exe
O4 - HKCU\..\Run: [jdzf3elh96] C:\DOCUME~1\DavidG\LOCALS~1\Temp\njtj8puemirh.exe
O4 - HKCU\..\Run: [rowvolls4s] C:\DOCUME~1\DavidG\LOCALS~1\Temp\poat52pe1.exe
O4 - HKCU\..\Run: [xkfxcte02pagu7i3gy24] C:\DOCUME~1\DavidG\LOCALS~1\Temp\fujpuf1yf5.exe
O4 - HKCU\..\Run: [fq3i0ke4d63dyahip05zsuv] C:\DOCUME~1\DavidG\LOCALS~1\Temp\ufxtcd7q32bys.exe
O4 - HKCU\..\Run: [bdlg9zqx44z1igiyqg6kdxk16u55sbzcuoaz3l2q] C:\DOCUME~1\DavidG\LOCALS~1\Temp\vv4xuw3n1e2.exe
O4 - HKCU\..\Run: [dhrxrgs70i5fu6nefl9zk] C:\DOCUME~1\DavidG\LOCALS~1\Temp\iyaux6vk36q.exe
O4 - HKCU\..\Run: [wbjwt01akq] C:\DOCUME~1\DavidG\LOCALS~1\Temp\yo95qn.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_SRCV02.EXE
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_SRCV03.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {036F8A56-0BC8-4607-8F98-D3231E6FF5ED} (CentraUpdaterAxCtl Class) - http://practiceworks.centra.com/SiteRoo ... aterAx.cab
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/share ... insctl.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4058/ ... oupons.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/share ... cgdmgr.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://practiceworks.webex.com/client/ ... eatgpc.cab
O20 - AppInit_DLLs: bdsggi.dll gkccja.dll ruifvm.dll
O22 - SharedTaskScheduler: FGYbf743iujndsfAfsdfd - {D5BF49A2-94F1-42BD-F434-3604812C807D} - C:\WINDOWS\system32\tyshb36rfjdf.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\RGF2aWRH\command.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: (Network Monitor) - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Viewpoint Manager Service - Unknown owner - C:\Program Files\Viewpoint\Common\ViewpointService.exe (file missing)
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/DavidG/LOCALS~1/Temp/msohtml1/01/clip_image002.gif
--
End of file - 12719 bytes