msconfig will not run


marcolou
December 2nd, 2003, 01:56 AM
Unable to run MSCONFIG...it will flash open for one second then disappear.
Help anyone...tks, marcus.

AnnMarie
December 2nd, 2003, 02:00 AM
Welcome to CTH marcolou. Go here (http://www.spywareinfo.com/files/hijackthis.zip) and download the latest version of Hijack This and run a scan. Most of the files listed will be harmless and/or required so do not make any changes, just click on Save Log, copy it and post it back in this thread.

marcolou
December 2nd, 2003, 02:09 AM
Result of HJack..
Logfile of HijackThis v1.97.7
Scan saved at 9:09:24 PM, on 12/1/03
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\3CMLNKW.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\HFP.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\PROGRAM FILES\SYMPATICO\ACCESS MANAGER\APP\ENTERNET.EXE
C:\LOGITECH\MOUSE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\WINDOWS\SYSTEM\SVVHOST.EXE
C:\PROGRAM FILES\POPTRAY\POPTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACRORD32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\MYIE2\MYIE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.sympatico.ca/iesearchpane.html?blink=static
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.myway.com/my.jsp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Marcus Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O1 - Hosts: 207.199.1.105 www.gamespy.com
O1 - Hosts: 206.132.131.50 www.gamespot.com
O1 - Hosts: 216.247.236.68 www.tweakfiles.com
O1 - Hosts: 216.151.127.41 www.tweak3d.net
O1 - Hosts: 205.252.89.157 www.deskmod.com
O1 - Hosts: 64.28.67.48 www.slashdot.org
O1 - Hosts: 207.199.1.103 www.planetquake.com
O1 - Hosts: 216.247.236.67 www.3dfiles.com
O1 - Hosts: 207.115.70.83 www.3dspotlight.net
O1 - Hosts: 216.183.105.186 www.penny-arcade.com
O1 - Hosts: 209.207.250.33 www.somethingawful.com
O1 - Hosts: 207.0.114.195 www.tabworldonline.com
O1 - Hosts: 63.214.181.69 www.tweaktown.com
O1 - Hosts: 205.181.128.80 www.geek.com
O1 - Hosts: 199.105.102.131 www.happypuppy.com
O1 - Hosts: 205.229.72.80 www.hothardware.com
O1 - Hosts: 61.8.3.18 www.insanehardware.com
O1 - Hosts: 216.34.72.161 www.millisec.com
O1 - Hosts: 209.249.33.4 www.msicomputer.com
O1 - Hosts: 208.249.124.215 www.overclockers.com
O1 - Hosts: 213.207.14.141 zoiah.m3dzone.com
O1 - Hosts: 63.67.239.189 tdg.vintagegaming.com
O1 - Hosts: 207.153.207.173 www.tech-junkie.com
O1 - Hosts: 209.68.32.183 www.storagereview.com
O1 - Hosts: 209.197.121.2 www.tomshardware.com
O1 - Hosts: 209.247.194.100 babelfish.altavista.digital.com
O1 - Hosts: 206.204.212.2 www.symantec.com
O1 - Hosts: 209.68.58.104 motherboards.org
O1 - Hosts: 192.18.97.241 www.sun.com
O1 - Hosts: 216.62.153.3 www.pinkmonkey.com
O1 - Hosts: 159.33.1.85 cbc.ca
O1 - Hosts: 166.70.10.23 www.computerhope.com
O1 - Hosts: 198.235.69.50 www.expressvu.com
O1 - Hosts: 64.14.126.119 www.brainbench.com
O1 - Hosts: 208.47.252.43 www.bootdisk.com
O1 - Hosts: 137.82.195.9 careerowl.ca
O1 - Hosts: 209.66.74.94 www.techbargains.com
O1 - Hosts: 206.47.148.163 www.pccanada.com
O1 - Hosts: 206.161.202.96 www.skinz.org
O1 - Hosts: 208.228.126.53 www.express.com
O1 - Hosts: 207.168.8.2 www.onsale.com
O1 - Hosts: 207.168.8.2 www.egghead.com
O1 - Hosts: 216.241.100.190 www.computersurplusoutlet.com
O1 - Hosts: 209.67.181.21 www.buy.com
O1 - Hosts: 206.253.222.67 www.2cooltek.com
O1 - Hosts: 206.132.163.111 www.nbc.com
O1 - Hosts: 209.116.0.210 www.litestep.net
O1 - Hosts: 216.33.41.60 www.fox.com
O1 - Hosts: 63.226.107.3 www.darkstep.com
O1 - Hosts: 193.125.199.4 www.icqplus.org
O1 - Hosts: 208.51.196.21 www.customize.org
O1 - Hosts: 63.227.17.77 www.cognitivedistortion.com
O1 - Hosts: 63.249.168.192 www.graphicsdesign.org
O1 - Hosts: 64.225.121.225 www.designsbymark.com
O1 - Hosts: 207.228.228.14 www.98lite.net
O1 - Hosts: 195.97.246.136 www.1001icqskins.com
O1 - Hosts: 209.10.46.171 www.diamondmm.com
O1 - Hosts: 64.41.230.253 www.creative.com
O1 - Hosts: 64.41.230.253 www.soundblaster.com
O1 - Hosts: 209.249.164.210 gxs.n3.net
O1 - Hosts: 209.137.157.25 www.canon.com
O1 - Hosts: 192.151.52.13 www.hp.com
O1 - Hosts: 216.18.6.150 www.chalk.com
O1 - Hosts: 208.185.239.10 sdnews.net
O1 - Hosts: 216.49.88.12 www.mcafee.com
O1 - Hosts: 206.96.221.169 www.hardocp.com
O1 - Hosts: 216.151.100.102 www.anandtech.com
O1 - Hosts: 216.15.188.70 www.3dgpu.com
O1 - Hosts: 204.180.41.10 www.reactorcritical.com
O1 - Hosts: 216.205.180.39 www.3dchipset.com
O1 - Hosts: 212.35.226.50 www.eurogamer.net
O1 - Hosts: 206.114.154.45 www.smartalec2000.com
O1 - Hosts: 128.11.45.131 www.hotfiles.com
O1 - Hosts: 64.4.43.7 www.hotmail.com
O1 - Hosts: 216.105.162.18 www.voodooextreme.com
O1 - Hosts: 216.200.247.148 www.download.com
O1 - Hosts: 216.200.247.132 www.cnet.com
O1 - Hosts: 205.181.112.65 www.zdnet.com
O1 - Hosts: 209.73.164.92 www.altavista.com
O1 - Hosts: 204.71.200.75 www.yahoo.com
O1 - Hosts: 216.239.33.100 www.google.com
O1 - Hosts: 206.253.217.38 www.metacrawler.com
O1 - Hosts: 209.198.21.71 astalavista.box.sk
O1 - Hosts: 216.35.123.102 www.ignpc.com
O1 - Hosts: 143.166.82.178 www.dell.com
O1 - Hosts: 216.247.236.67 www.3dfiles.com
O1 - Hosts: 209.87.55.145 www.a-power.com
O1 - Hosts: 64.23.13.53 www.reliz.ru
O1 - Hosts: 216.165.161.17 www.theonion.com
O1 - Hosts: 216.35.123.107 www.ign.com
O1 - Hosts: 204.146.81.99 www.ibm.com
O1 - Hosts: 205.214.169.2 www.acerlabs.com
O1 - Hosts: 216.200.159.128 www.asus.com
O1 - Hosts: 192.216.191.42 www.acer.com
O1 - Hosts: 140.174.105.248 www.nvidia.com
O1 - Hosts: 204.50.136.43 www.matrox.com
O1 - Hosts: 166.90.143.6 www.3dfx.com
O1 - Hosts: 207.167.207.71 www.ati.com
O1 - Hosts: 63.170.89.212 www.abit.com
O1 - Hosts: 216.200.57.12 www.firingsquad.com
O1 - Hosts: 216.74.72.88 www.uniballcentral.com
O2 - BHO: Window Shades - {B5B57F4F-EFA5-11D4-A971-444553540000} - (no file)
O2 - BHO: CCHelper - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PRO\CCHELPER.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: Pa&nicware Pop-Up Stopper Pro - {B1E741E7-1E77-40D4-9FD8-51949B9CCBD0} - C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PRO\POPUPPRO.DLL
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [bpcpost.exe] c:\windows\SYSTEM\bpcpost.exe
O4 - HKLM\..\Run: [zSPGuard] c:\program files\pjw\startpage guard\spguard.exe /s /r
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [$EnterNet] C:\PROGRA~1\SYMPAT~1\ACCESS~1\APP\ENTERNET.EXE -AutoStart
O4 - HKLM\..\Run: [EM_EXEC] c:\LOGITECH\MOUSE\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [HP Printer] SVVHOST.EXE
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [3Cmlink] c:\windows\SYSTEM\3cmlnkW.exe
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [hfprog] hfp.exe
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - HKCU\..\RunOnce: [HP Printer] SVVHOST.EXE
O4 - Startup: PopTray.lnk = C:\Program Files\PopTray\PopTray.exe
O4 - User Startup: PopTray.lnk = C:\Program Files\PopTray\PopTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Open Frame in &New Window - C:\WINDOWS\WEB\frm2new.htm
O8 - Extra context menu item: &Highlight - C:\WINDOWS\WEB\highlight.htm
O8 - Extra context menu item: &Web Search - C:\WINDOWS\WEB\selsearch.htm
O8 - Extra context menu item: &Links List - C:\WINDOWS\WEB\urllist.htm
O8 - Extra context menu item: I&mages List - C:\WINDOWS\Web\imglist.htm
O8 - Extra context menu item: Add to Ad Hunter - C:\PROGRAM FILES\MYIE2\config/blacklist.htm
O8 - Extra context menu item: Fill Forms &] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Save Forms &[ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Fill from Identity &; - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillIdent.html
O8 - Extra context menu item: Fill from Passcard &' - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillPass.html
O8 - Extra context menu item: Rf Options &O - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html
O8 - Extra context menu item: Customize Menu &4 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill && Submit &8 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillSubmit.html
O9 - Extra button: Wallpaper (HKLM)
O9 - Extra 'Tools' menuitem: &Toolbar Wallpaper (HKLM)
O9 - Extra button: RoboForm (HKLM)
O9 - Extra 'Tools' menuitem: RF Toolbar &2 (HKLM)
O9 - Extra button: Fill Forms (HKLM)
O9 - Extra 'Tools' menuitem: Fill Forms &] (HKLM)
O9 - Extra button: Save (HKLM)
O9 - Extra 'Tools' menuitem: Save Forms &[ (HKLM)
O9 - Extra button: Safenotes (HKLM)
O9 - Extra 'Tools' menuitem: SafeNotes &/ (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/bcd48c18cb7498/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {4620BC29-8B8E-4F4E-9D92-1DB6633D6793} (SurferNETWORK Plugin) - http://rd1.surfernetwork.com/surferplugin.ocx
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37873.7177083333
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as/asinst.cab
O16 - DPF: {6FB9FE59-7D3B-483D-9909-C870BE5AFA1F} (DiskHealth Class) - http://www.pcpitstop.com/pcpitstop/diskhealth.cab
O16 - DPF: {F8F88D0D-E455-11D6-B547-00400555C7FB} (DiskHealth2 Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {E3BD7B65-669B-49D4-881A-68DEF9D92E5D} (BackWeb Lite Install Runner) - http://www.cbchomedelivery.com/focus_group/installer/Focus_Group_Client.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/047e7c82a8405ac5f320/netzip/RdxIE601.cab
O16 - DPF: {607DF741-7D0A-11D4-9EDC-005004189684} - http://www.ucmore.com/download/UCmoreIEx.cab
O16 - DPF: {CF051549-EDE1-40F5-B440-BCD646CF2C25} (Ppinstall Control) - http://www.163.com/wwwimages/sms/ppinstall22.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
O16 - DPF: {42F2D240-B23C-11D6-8C73-70A05DC10000} - http://www.andlotsmore.com/factory/058343ca.exe

AnnMarie
December 2nd, 2003, 02:46 AM
Hi again marcolou - Close IE and run Hijack This again. This time, select the below entries and click on Fix Selected.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.sympatico.ca/iesearchpane.html?blink=static

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O1 - Hosts: 207.199.1.105 www.gamespy.com
O1 - Hosts: 206.132.131.50 www.gamespot.com
O1 - Hosts: 216.247.236.68 www.tweakfiles.com
O1 - Hosts: 216.151.127.41 www.tweak3d.net
O1 - Hosts: 205.252.89.157 www.deskmod.com
O1 - Hosts: 64.28.67.48 www.slashdot.org
O1 - Hosts: 207.199.1.103 www.planetquake.com
O1 - Hosts: 216.247.236.67 www.3dfiles.com
O1 - Hosts: 207.115.70.83 www.3dspotlight.net
O1 - Hosts: 216.183.105.186 www.penny-arcade.com
O1 - Hosts: 209.207.250.33 www.somethingawful.com
O1 - Hosts: 207.0.114.195 www.tabworldonline.com
O1 - Hosts: 63.214.181.69 www.tweaktown.com
O1 - Hosts: 205.181.128.80 www.geek.com
O1 - Hosts: 199.105.102.131 www.happypuppy.com
O1 - Hosts: 205.229.72.80 www.hothardware.com
O1 - Hosts: 61.8.3.18 www.insanehardware.com
O1 - Hosts: 216.34.72.161 www.millisec.com
O1 - Hosts: 209.249.33.4 www.msicomputer.com
O1 - Hosts: 208.249.124.215 www.overclockers.com
O1 - Hosts: 213.207.14.141 zoiah.m3dzone.com
O1 - Hosts: 63.67.239.189 tdg.vintagegaming.com
O1 - Hosts: 207.153.207.173 www.tech-junkie.com
O1 - Hosts: 209.68.32.183 www.storagereview.com
O1 - Hosts: 209.197.121.2 www.tomshardware.com
O1 - Hosts: 209.247.194.100 babelfish.altavista.digital.com
O1 - Hosts: 206.204.212.2 www.symantec.com
O1 - Hosts: 209.68.58.104 motherboards.org
O1 - Hosts: 192.18.97.241 www.sun.com
O1 - Hosts: 216.62.153.3 www.pinkmonkey.com
O1 - Hosts: 159.33.1.85 cbc.ca
O1 - Hosts: 166.70.10.23 www.computerhope.com
O1 - Hosts: 198.235.69.50 www.expressvu.com
O1 - Hosts: 64.14.126.119 www.brainbench.com
O1 - Hosts: 208.47.252.43 www.bootdisk.com
O1 - Hosts: 137.82.195.9 careerowl.ca
O1 - Hosts: 209.66.74.94 www.techbargains.com
O1 - Hosts: 206.47.148.163 www.pccanada.com
O1 - Hosts: 206.161.202.96 www.skinz.org
O1 - Hosts: 208.228.126.53 www.express.com
O1 - Hosts: 207.168.8.2 www.onsale.com
O1 - Hosts: 207.168.8.2 www.egghead.com
O1 - Hosts: 216.241.100.190 www.computersurplusoutlet.com
O1 - Hosts: 209.67.181.21 www.buy.com
O1 - Hosts: 206.253.222.67 www.2cooltek.com
O1 - Hosts: 206.132.163.111 www.nbc.com
O1 - Hosts: 209.116.0.210 www.litestep.net
O1 - Hosts: 216.33.41.60 www.fox.com
O1 - Hosts: 63.226.107.3 www.darkstep.com
O1 - Hosts: 193.125.199.4 www.icqplus.org
O1 - Hosts: 208.51.196.21 www.customize.org
O1 - Hosts: 63.227.17.77 www.cognitivedistortion.com
O1 - Hosts: 63.249.168.192 www.graphicsdesign.org
O1 - Hosts: 64.225.121.225 www.designsbymark.com
O1 - Hosts: 207.228.228.14 www.98lite.net
O1 - Hosts: 195.97.246.136 www.1001icqskins.com
O1 - Hosts: 209.10.46.171 www.diamondmm.com
O1 - Hosts: 64.41.230.253 www.creative.com
O1 - Hosts: 64.41.230.253 www.soundblaster.com
O1 - Hosts: 209.249.164.210 gxs.n3.net
O1 - Hosts: 209.137.157.25 www.canon.com
O1 - Hosts: 192.151.52.13 www.hp.com
O1 - Hosts: 216.18.6.150 www.chalk.com
O1 - Hosts: 208.185.239.10 sdnews.net
O1 - Hosts: 216.49.88.12 www.mcafee.com
O1 - Hosts: 206.96.221.169 www.hardocp.com
O1 - Hosts: 216.151.100.102 www.anandtech.com
O1 - Hosts: 216.15.188.70 www.3dgpu.com
O1 - Hosts: 204.180.41.10 www.reactorcritical.com
O1 - Hosts: 216.205.180.39 www.3dchipset.com
O1 - Hosts: 212.35.226.50 www.eurogamer.net
O1 - Hosts: 206.114.154.45 www.smartalec2000.com
O1 - Hosts: 128.11.45.131 www.hotfiles.com
O1 - Hosts: 64.4.43.7 www.hotmail.com
O1 - Hosts: 216.105.162.18 www.voodooextreme.com
O1 - Hosts: 216.200.247.148 www.download.com
O1 - Hosts: 216.200.247.132 www.cnet.com
O1 - Hosts: 205.181.112.65 www.zdnet.com
O1 - Hosts: 209.73.164.92 www.altavista.com
O1 - Hosts: 204.71.200.75 www.yahoo.com
O1 - Hosts: 216.239.33.100 www.google.com
O1 - Hosts: 206.253.217.38 www.metacrawler.com
O1 - Hosts: 209.198.21.71 astalavista.box.sk
O1 - Hosts: 216.35.123.102 www.ignpc.com
O1 - Hosts: 143.166.82.178 www.dell.com
O1 - Hosts: 216.247.236.67 www.3dfiles.com
O1 - Hosts: 209.87.55.145 www.a-power.com
O1 - Hosts: 64.23.13.53 www.reliz.ru
O1 - Hosts: 216.165.161.17 www.theonion.com
O1 - Hosts: 216.35.123.107 www.ign.com
O1 - Hosts: 204.146.81.99 www.ibm.com
O1 - Hosts: 205.214.169.2 www.acerlabs.com
O1 - Hosts: 216.200.159.128 www.asus.com
O1 - Hosts: 192.216.191.42 www.acer.com
O1 - Hosts: 140.174.105.248 www.nvidia.com
O1 - Hosts: 204.50.136.43 www.matrox.com
O1 - Hosts: 166.90.143.6 www.3dfx.com
O1 - Hosts: 207.167.207.71 www.ati.com
O1 - Hosts: 63.170.89.212 www.abit.com
O1 - Hosts: 216.200.57.12 www.firingsquad.com
O1 - Hosts: 216.74.72.88 www.uniballcentral.com

O2 - BHO: Window Shades - {B5B57F4F-EFA5-11D4-A971-444553540000} - (no file)

O4 - HKLM\..\Run: [HP Printer] SVVHOST.EXE

O4 - HKCU\..\RunOnce: [HP Printer] SVVHOST.EXE

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...meInstaller.exe

O16 - DPF: {4620BC29-8B8E-4F4E-9D92-1DB6633D6793} (SurferNETWORK Plugin) - http://rd1.surfernetwork.com/surferplugin.ocx

O16 - DPF: {E3BD7B65-669B-49D4-881A-68DEF9D92E5D} (BackWeb Lite Install Runner) - http://www.cbchomedelivery.com/focu...roup_Client.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/047e7c82a8405a...ip/RdxIE601.cab

O16 - DPF: {607DF741-7D0A-11D4-9EDC-005004189684} - http://www.ucmore.com/download/UCmoreIEx.cab

O16 - DPF: {CF051549-EDE1-40F5-B440-BCD646CF2C25} (Ppinstall Control) - http://www.163.com/wwwimages/sms/ppinstall22.cab

O16 - DPF: {42F2D240-B23C-11D6-8C73-70A05DC10000} - http://www.andlotsmore.com/factory/058343ca.exe

When you have done this, boot into Safe Mode (restart your PC and tap F8 as it restarts), make sure that you can view hidden files and folders and run a search for SVVHOST.EXE. When you find it, delete it. Boot back into normal mode and see if you can run msconfig now. Also run Hijack This again and post back a new log.

Can you tell me what the below entry is? Do you have Advanced Hide Folders installed? If you don't know, could you please copy hfp.exe, zip it up and send it to me. My addy is annmarie@cybertechhelp.com. Thanks.

O4 - HKLM\..\RunServices: [hfprog] hfp.exe

marcolou
December 2nd, 2003, 06:07 PM
Hi Annmarie
Here is new log...able to run msconfig...e-mail with requested info to follow. Thanks a whole lot. marc

Logfile of HijackThis v1.97.7
Scan saved at 12:59:54 PM, on 12/2/03
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\3CMLNKW.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\HFP.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\PROGRAM FILES\SYMPATICO\ACCESS MANAGER\APP\ENTERNET.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\LOGITECH\MOUSE\SYSTEM\EM_EXEC.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\POPTRAY\POPTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.myway.com/my.jsp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Marcus Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O1 - Hosts: 192.41.18.142 www.savagenews.com
O1 - Hosts: 62.144.156.73 www.paraknowya.de
O1 - Hosts: 192.102.198.160 www.intel.com
O1 - Hosts: 139.95.253.1 www.amd.com
O1 - Hosts: 207.199.1.129 www.planetunreal.com
O1 - Hosts: 207.199.1.201 www.fileplanet.com
O1 - Hosts: 207.199.1.102 www.planethalflife.com
O1 - Hosts: 207.199.1.110 www.planetblood.com
O1 - Hosts: 207.199.1.118 www.3dactionplanet.com
O1 - Hosts: 216.59.112.80 www.bidforpower.com
O1 - Hosts: 198.186.203.44 miranda-icq.sourceforge.net
O1 - Hosts: 205.188.137.185 members.aol.com
O1 - Hosts: 216.234.235.19 www.quake3mods.net
O1 - Hosts: 195.224.197.67 www.q3f.com
O1 - Hosts: 212.227.109.34 www.urban-terror.net
O1 - Hosts: 216.40.32.34 www.tucows.com
O1 - Hosts: 64.124.41.39 www.napster.com
O1 - Hosts: 195.112.52.247 www.register.co.uk
O1 - Hosts: 207.46.130.45 www.microsoft.com
O1 - Hosts: 209.226.137.53 www.qnx.com
O1 - Hosts: 208.185.132.200 www.be.com
O1 - Hosts: 205.188.245.120 www.winamp.com
O1 - Hosts: 207.188.7.43 www.real.com
O1 - Hosts: 205.188.247.66 www.netscape.com
O1 - Hosts: 205.188.160.121 www.aol.com
O1 - Hosts: 216.167.19.67 www.3dhardware.net
O1 - Hosts: 202.139.235.147 netkills.qgl.org
O1 - Hosts: 207.88.208.225 WWW.logitech.com
O1 - Hosts: 216.247.236.108 www.3dcool.com
O1 - Hosts: 204.187.152.33 www.canada.com
O1 - Hosts: 209.43.76.142 www.ixbt-labs.com
O1 - Hosts: 216.55.38.22 www.iamnotageek.com
O1 - Hosts: 216.32.120.133 www.ebay.com
O1 - Hosts: 216.33.157.208 www.ebay.ca
O1 - Hosts: 63.210.143.47 www.guru3d.com
O1 - Hosts: 207.199.1.121 www.planetdiablo.com
O1 - Hosts: 207.199.1.147 www.planetdreamcast.com
O1 - Hosts: 63.236.73.172 www.hardwarecentral.com
O1 - Hosts: 63.236.73.81 www.sharkyextreme.com
O2 - BHO: CCHelper - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PRO\CCHELPER.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: Pa&nicware Pop-Up Stopper Pro - {B1E741E7-1E77-40D4-9FD8-51949B9CCBD0} - C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PRO\POPUPPRO.DLL
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [bpcpost.exe] c:\windows\SYSTEM\bpcpost.exe
O4 - HKLM\..\Run: [zSPGuard] c:\program files\pjw\startpage guard\spguard.exe /s /r
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [$EnterNet] C:\PROGRA~1\SYMPAT~1\ACCESS~1\APP\ENTERNET.EXE -AutoStart
O4 - HKLM\..\Run: [EM_EXEC] c:\LOGITECH\MOUSE\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Printer] SVVHOST.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [3Cmlink] c:\windows\SYSTEM\3cmlnkW.exe
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [hfprog] hfp.exe
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - Startup: PopTray.lnk = C:\Program Files\PopTray\PopTray.exe
O4 - User Startup: PopTray.lnk = C:\Program Files\PopTray\PopTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Open Frame in &New Window - C:\WINDOWS\WEB\frm2new.htm
O8 - Extra context menu item: &Highlight - C:\WINDOWS\WEB\highlight.htm
O8 - Extra context menu item: &Web Search - C:\WINDOWS\WEB\selsearch.htm
O8 - Extra context menu item: &Links List - C:\WINDOWS\WEB\urllist.htm
O8 - Extra context menu item: I&mages List - C:\WINDOWS\Web\imglist.htm
O8 - Extra context menu item: Add to Ad Hunter - C:\PROGRAM FILES\MYIE2\config/blacklist.htm
O8 - Extra context menu item: Fill Forms &] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Save Forms &[ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Fill from Identity &; - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillIdent.html
O8 - Extra context menu item: Fill from Passcard &' - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillPass.html
O8 - Extra context menu item: Rf Options &O - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html
O8 - Extra context menu item: Customize Menu &4 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill && Submit &8 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillSubmit.html
O9 - Extra button: Wallpaper (HKLM)
O9 - Extra 'Tools' menuitem: &Toolbar Wallpaper (HKLM)
O9 - Extra button: RoboForm (HKLM)
O9 - Extra 'Tools' menuitem: RF Toolbar &2 (HKLM)
O9 - Extra button: Fill Forms (HKLM)
O9 - Extra 'Tools' menuitem: Fill Forms &] (HKLM)
O9 - Extra button: Save (HKLM)
O9 - Extra 'Tools' menuitem: Save Forms &[ (HKLM)
O9 - Extra button: Safenotes (HKLM)
O9 - Extra 'Tools' menuitem: SafeNotes &/ (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/bcd48c18cb7498/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37873.7177083333
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as/asinst.cab
O16 - DPF: {6FB9FE59-7D3B-483D-9909-C870BE5AFA1F} (DiskHealth Class) - http://www.pcpitstop.com/pcpitstop/diskhealth.cab
O16 - DPF: {F8F88D0D-E455-11D6-B547-00400555C7FB} (DiskHealth2 Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab

marcolou
December 2nd, 2003, 06:41 PM
Annmarie,
I wanted to add: after booting in safe mode and deleting file svvhost.exe and rebooting in normal mode, I was able to run msconfig and under startup tab there is a checked entry under HP Printer SVVHOST.EXE. marcolou

AnnMarie
December 2nd, 2003, 08:28 PM
Hi marcolou - yes I can see it. This time, open Task Manager and look for HP Printer (or SVVHOST.EXE) and end task it. Now run Hijack This again and fix the below entries:

O1 - Hosts: 192.41.18.142 www.savagenews.com
O1 - Hosts: 62.144.156.73 www.paraknowya.de
O1 - Hosts: 192.102.198.160 www.intel.com
O1 - Hosts: 139.95.253.1 www.amd.com
O1 - Hosts: 207.199.1.129 www.planetunreal.com
O1 - Hosts: 207.199.1.201 www.fileplanet.com
O1 - Hosts: 207.199.1.102 www.planethalflife.com
O1 - Hosts: 207.199.1.110 www.planetblood.com
O1 - Hosts: 207.199.1.118 www.3dactionplanet.com
O1 - Hosts: 216.59.112.80 www.bidforpower.com
O1 - Hosts: 198.186.203.44 miranda-icq.sourceforge.net
O1 - Hosts: 205.188.137.185 members.aol.com
O1 - Hosts: 216.234.235.19 www.quake3mods.net
O1 - Hosts: 195.224.197.67 www.q3f.com
O1 - Hosts: 212.227.109.34 www.urban-terror.net
O1 - Hosts: 216.40.32.34 www.tucows.com
O1 - Hosts: 64.124.41.39 www.napster.com
O1 - Hosts: 195.112.52.247 www.register.co.uk
O1 - Hosts: 207.46.130.45 www.microsoft.com
O1 - Hosts: 209.226.137.53 www.qnx.com
O1 - Hosts: 208.185.132.200 www.be.com
O1 - Hosts: 205.188.245.120 www.winamp.com
O1 - Hosts: 207.188.7.43 www.real.com
O1 - Hosts: 205.188.247.66 www.netscape.com
O1 - Hosts: 205.188.160.121 www.aol.com
O1 - Hosts: 216.167.19.67 www.3dhardware.net
O1 - Hosts: 202.139.235.147 netkills.qgl.org
O1 - Hosts: 207.88.208.225 WWW.logitech.com
O1 - Hosts: 216.247.236.108 www.3dcool.com
O1 - Hosts: 204.187.152.33 www.canada.com
O1 - Hosts: 209.43.76.142 www.ixbt-labs.com
O1 - Hosts: 216.55.38.22 www.iamnotageek.com
O1 - Hosts: 216.32.120.133 www.ebay.com
O1 - Hosts: 216.33.157.208 www.ebay.ca
O1 - Hosts: 63.210.143.47 www.guru3d.com
O1 - Hosts: 207.199.1.121 www.planetdiablo.com
O1 - Hosts: 207.199.1.147 www.planetdreamcast.com
O1 - Hosts: 63.236.73.172 www.hardwarecentral.com
O1 - Hosts: 63.236.73.81 www.sharkyextreme.com

O4 - HKLM\..\Run: [HP Printer] SVVHOST.EXE

When you have done this, boot into Safe Mode again and search for SVVHOST.EXE. If it is present, delete it.

I have checked that file that you sent me and it is installed by Hide Files.

When you have finished, run Hijack This again and post back a new log.
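
Comparing a fix list against the next posted log shows which entries came back, as the HP Printer Run entry did between the first two logs in this thread. The following is an added example, not part of the original posts: the function names are the example's own, and the sample text is a short excerpt of log lines quoted above.

```python
import re

# Section codes HijackThis prefixes to each finding (R0, O1, O4, O16, ...).
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f-]{36}\}")

# Excerpt of the entries marked for fixing after the first log.
FIX_LIST = r"""
O1 - Hosts: 207.199.1.105 www.gamespy.com
O2 - BHO: Window Shades - {B5B57F4F-EFA5-11D4-A971-444553540000} - (no file)
O4 - HKLM\..\Run: [HP Printer] SVVHOST.EXE
O4 - HKCU\..\RunOnce: [HP Printer] SVVHOST.EXE
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...meInstaller.exe
"""

# Excerpt of the second log, posted after the fix and the Safe Mode deletion.
NEW_LOG = r"""
Logfile of HijackThis v1.97.7
Running processes:
C:\WINDOWS\SYSTEM\HFP.EXE
O1 - Hosts: 192.41.18.142 www.savagenews.com
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [HP Printer] SVVHOST.EXE
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
"""


def entry_key(line):
    """Return a stable comparison key for one log line, or None if not a finding."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None  # header, process path or blank line
    section, body = m.group(1), " ".join(m.group(2).split())
    clsid = CLSID_RE.search(body)
    if clsid and section in ("O2", "O3", "O16"):
        # Forum software shortens long URLs ("...52...meInstaller.exe"),
        # so identify these entries by CLSID rather than by the full text.
        return (section, clsid.group(0).upper())
    return (section, body.casefold())


def parse_log(text):
    """Map comparison key -> original line for every finding in a log."""
    entries = {}
    for line in text.splitlines():
        key = entry_key(line)
        if key is not None:
            entries.setdefault(key, line.strip())
    return entries


def check_fix(fix_list, new_log):
    """Split the entries marked for fixing into (persisted, removed)."""
    wanted, present = parse_log(fix_list), parse_log(new_log)
    persisted = [line for key, line in wanted.items() if key in present]
    removed = [line for key, line in wanted.items() if key not in present]
    return persisted, removed


if __name__ == "__main__":
    persisted, removed = check_fix(FIX_LIST, NEW_LOG)
    for line in persisted:
        print("STILL PRESENT:", line)
    for line in removed:
        print("gone:         ", line)
```

An entry that persists after a fix usually means something is rewriting it, which is why the reply above has the process ended before the entry is fixed again.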

marcolou
December 2nd, 2003, 09:25 PM
AnnMarie.
Probably sounds dumb...what is task manager...if these are tasks in task scheduler... there is no entry for HP Printer or SVVHOST.exe
m

marcolou
December 2nd, 2003, 09:44 PM
duh???
Task Mngr: I guess it is Ctrl+Alt+Delete...if so no HP Printer or SVVHOST.exe running...m

AnnMarie
December 3rd, 2003, 10:40 AM
Yep, but don't feel dumb. We have all been there marcolou :)

No problem, run Hijack This again and fix the entries that I identified and then boot back into Safe Mode and search for SVVHOST.EXE. If you find it delete it.

If you cannot find it, just to be on the safe side, go here (http://www.spywareinfo.com/~merijn/files/cwshredder.zip) and download and run CWShredder. Reboot afterwards and post back a new Hijack This log.

marcolou
December 3rd, 2003, 04:27 PM
Hi AnnMarie,
Done all of the above...here is new log for Hijack this...Thanks
Logfile of HijackThis v1.97.7
Scan saved at 11:28:03 AM, on 12/3/03
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\3CMLNKW.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\HFP.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\LOGITECH\MOUSE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\POPTRAY\POPTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\SYMPATICO\ACCESS MANAGER\APP\ENTERNET.EXE
C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.myway.com/my.jsp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Marcus Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: CCHelper - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PRO\CCHELPER.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: Pa&nicware Pop-Up Stopper Pro - {B1E741E7-1E77-40D4-9FD8-51949B9CCBD0} - C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PRO\POPUPPRO.DLL
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [bpcpost.exe] c:\windows\SYSTEM\bpcpost.exe
O4 - HKLM\..\Run: [zSPGuard] c:\program files\pjw\startpage guard\spguard.exe /s /r
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [$EnterNet] C:\PROGRA~1\SYMPAT~1\ACCESS~1\APP\ENTERNET.EXE -AutoStart
O4 - HKLM\..\Run: [EM_EXEC] c:\LOGITECH\MOUSE\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [3Cmlink] c:\windows\SYSTEM\3cmlnkW.exe
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [hfprog] hfp.exe
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - Startup: PopTray.lnk = C:\Program Files\PopTray\PopTray.exe
O4 - User Startup: PopTray.lnk = C:\Program Files\PopTray\PopTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Open Frame in &New Window - C:\WINDOWS\WEB\frm2new.htm
O8 - Extra context menu item: &Highlight - C:\WINDOWS\WEB\highlight.htm
O8 - Extra context menu item: &Web Search - C:\WINDOWS\WEB\selsearch.htm
O8 - Extra context menu item: &Links List - C:\WINDOWS\WEB\urllist.htm
O8 - Extra context menu item: I&mages List - C:\WINDOWS\Web\imglist.htm
O8 - Extra context menu item: Add to Ad Hunter - C:\PROGRAM FILES\MYIE2\config/blacklist.htm
O8 - Extra context menu item: Fill Forms &] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Save Forms &[ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Fill from Identity &; - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillIdent.html
O8 - Extra context menu item: Fill from Passcard &' - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillPass.html
O8 - Extra context menu item: Rf Options &O - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html
O8 - Extra context menu item: Customize Menu &4 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill && Submit &8 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillSubmit.html
O9 - Extra button: Wallpaper (HKLM)
O9 - Extra 'Tools' menuitem: &Toolbar Wallpaper (HKLM)
O9 - Extra button: RoboForm (HKLM)
O9 - Extra 'Tools' menuitem: RF Toolbar &2 (HKLM)
O9 - Extra button: Fill Forms (HKLM)
O9 - Extra 'Tools' menuitem: Fill Forms &] (HKLM)
O9 - Extra button: Save (HKLM)
O9 - Extra 'Tools' menuitem: Save Forms &[ (HKLM)
O9 - Extra button: Safenotes (HKLM)
O9 - Extra 'Tools' menuitem: SafeNotes &/ (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/bcd48c18cb7498/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37873.7177083333
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as/asinst.cab
O16 - DPF: {6FB9FE59-7D3B-483D-9909-C870BE5AFA1F} (DiskHealth Class) - http://www.pcpitstop.com/pcpitstop/diskhealth.cab
O16 - DPF: {F8F88D0D-E455-11D6-B547-00400555C7FB} (DiskHealth2 Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab

AnnMarie
December 3rd, 2003, 09:40 PM
Your log is fine now marcolou. :)
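
The check performed by eye across the two logs in this thread can be scripted. This is an added example, not code from the thread or from HijackThis: it parses O4 autorun lines, flags an image whose name is within two edits of a well-known Windows process name (SVVHOST.EXE is one edit from svchost.exe), and confirms the flagged image is gone from the follow-up log. The `KNOWN` list, the two-edit threshold and all function names are assumptions.

```python
import re
from ntpath import basename

# Assumption: short reference list of common Windows process names.
KNOWN = {"svchost.exe", "explorer.exe", "rundll32.exe", "systray.exe"}
O4_RE = re.compile(r"^O4 - HK\w+\\\.\.\\(\w+): \[(.+?)\] (.+)$")

def edit_distance(a, b):
    """Levenshtein distance, one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def image_name(command):
    """Executable base name from an O4 command (quoted, bare, or with args)."""
    m = re.match(r'"?(.+?\.(?:exe|com|bat|dll|cpl))\b', command, re.I)
    return basename(m.group(1) if m else command).lower()

def autoruns(log):
    """(key, value name, image) for each O4 registry autorun line."""
    hits = (O4_RE.match(line.strip()) for line in log.splitlines())
    return [(m.group(1), m.group(2), image_name(m.group(3))) for m in hits if m]

def lookalikes(log, max_dist=2):
    """Autoruns whose image is close to, but not equal to, a known name."""
    out = []
    for key, name, image in autoruns(log):
        near = sorted(k for k in KNOWN if 0 < edit_distance(image, k) <= max_dist)
        if near and image not in KNOWN:
            out.append((key, name, image, near))
    return out

def still_present(image, log):
    """True if the image is still running or still registered to autostart."""
    procs = {basename(l.strip()).lower() for l in log.splitlines()
             if re.match(r"[A-Za-z]:\\", l.strip())}
    return image in procs or image in {i for _, _, i in autoruns(log)}

# Sample lines excerpted from the two logs in this thread.
BEFORE = r"""C:\WINDOWS\SYSTEM\SVVHOST.EXE
O4 - HKLM\..\Run: [HP Printer] SVVHOST.EXE
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe"""
AFTER = r"""C:\WINDOWS\SYSTEM\SYSTRAY.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime"""

print(lookalikes(BEFORE), still_present("svvhost.exe", AFTER))
```

A near-match on the name is only a triage signal; legitimate programs can also sit close to a system name, so each hit still needs the file itself checked.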

marcolou
December 3rd, 2003, 09:50 PM
AnnMarie,
Thank you very much for your assistance, marcolou

AnnMarie
December 3rd, 2003, 09:56 PM
You are very welcome. :D