OK, I booted in safe mode and here it is. I have no idea what most of this is. Appreciate the help everyone.
Logfile of HijackThis v1.99.1
Scan saved at 2:30:05 PM, on 5/15/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) =
www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.washingtonpost.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:9022
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [dulcfej] C:\WINDOWS\dulcfej.exe
O4 - HKLM\..\Run: [winupdtl] C:\WINDOWS\system32\winupdt.exe
O4 - HKLM\..\Run: [AUNPS2] RUNDLL32 AUNPS2.DLL,_Run@16
O4 - HKLM\..\Run: [3o68stzh] C:\Program Files\3o68stzh\3o68stzh.exe
O4 - HKLM\..\Run: [VBundleOuterDL] C:\Program Files\VBouncer\BundleOuter.EXE
O4 - HKLM\..\Run: [BMan] C:\Documents and Settings\All Users\Application Data\msw\BMan1.exe
O4 - HKLM\..\Run: [GKYRDLL] C:\WINDOWS\GKYRDLL.EXE
O4 - HKLM\..\Run: [GKYRENC] C:\WINDOWS\GKYRENC.EXE
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [etbrun] C:\windows\system32\elitedpb32.exe
O4 - HKLM\..\Run: [exp.exe] C:\WINDOWS\system32\exp.exe
O4 - HKLM\..\Run: [WinTask driver] C:\WINDOWS\system32\wintask.exe
O4 - HKLM\..\Run: [89835ede4aee] C:\WINDOWS\system32\atiiiexx.exe
O4 - HKLM\..\Run: [cfgmgr51] RunDLL32.EXE C:\WINDOWS\cfgmgr51.dll,DllRun
O4 - HKLM\..\Run: [PaciSoft] C:\WINDOWS\system32\pacis.exe
O4 - HKLM\..\Run: [SkyH2] C:\DOCUME~1\LEIGH-~1\LOCALS~1\Temp\lofxd.exe
O4 - HKLM\..\Run: [278f3qS] lftsvc.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [version] C:\WINDOWS\system32\juxymjax.exe
O4 - HKLM\..\Run: [PSof1] C:\WINDOWS\system32\PSof1.exe
O4 - HKLM\..\Run: [wntbny] C:\WINDOWS\system32\npali\wntbny.exe
O4 - HKLM\..\Run: [vbmu] C:\WINDOWS\system32\rqgj\vbmu.exe
O4 - HKLM\..\Run: [pmqpsky] C:\WINDOWS\system32\qeqtma\pmqpsky.exe
O4 - HKLM\..\Run: [qnktaml] C:\WINDOWS\system32\fvgoen\qnktaml.exe
O4 - HKLM\..\Run: [vrxnxvj] C:\WINDOWS\system32\eceg\vrxnxvj.exe
O4 - HKLM\..\Run: [moaws] C:\WINDOWS\system32\fbsfsk\moaws.exe
O4 - HKLM\..\Run: [mil.exeHTML 4.] C:\WINDOWS\system32\mil.exeHTML 4.
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [winsync] C:\WINDOWS\system32\pyykpk.exe reg_run
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1147467285\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\aol\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [System service79] C:\WINDOWS\etb\pokapoka79.exe
O4 - HKLM\..\Run: [quydfb] c:\windows\system32\xtkntve.exe
O4 - HKLM\..\Run: [NwCplMonitor] C:\WINDOWS\system32\redistributor.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [JwrpRke3O] lex0enu.exe
O4 - HKCU\..\Run: [services32] C:\Program Files\Common Files\Windows\mc-110-12-0000079.exe
O4 - HKCU\..\Run: [VSL04.exe] C:\WINDOWS\system32\VSL04.exe
O4 - HKCU\..\Run: [wallpap.exe] C:\WINDOWS\system32\wallpap.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: oppi.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search -
http://bar.mywebsearch.com/menusearch.html?p=ZRxdm027XXUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) -
http://download.mcafee.com/molbin/Shared/MGBrwFld.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) -
http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -
http://static.windupdates.com/cab/ClickYesToContinue/ie/bridge-c356.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
http://ak.imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversInitialSetup1.0.0.8.cab
O16 - DPF: {4AD73894-A895-4FC2-B233-299867E08753} (Cadwkzctl Object) -
http://apps.deskwizz.com/ax/adwerkz.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
O16 - DPF: {5F3B3060-09E0-44C6-86F7-BC7B02B57BEE} (Installer Class) -
http://downloads.shopathomeselect.com/vrmedia/grinstall_vrmedia1001.cab
O16 - DPF: {B4831DED-3A57-4CC6-9E4B-0E7C5B08DBF4} -
http://www.alwaysupdatednews.com/install/aun_0027.exe
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -
http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,19/mcgdmgr.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) -
http://download.toontown.com/sv1.0.7.20/ttinst.cab
O16 - DPF: {C0B285F6-DB2B-4908-9C58-F6D95397D747} -
http://www.pacimedia.com/install/pcs_0015.exe
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) -
http://photos.msn.com/r/neutral/controls/MsnPUpld.cab?5,0,1730,0
O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) -
http://dgl.microsoft.com/downloads/outc.cab
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: logons - C:\WINDOWS\system32\redist.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: greenstdsystem32 - Unknown owner - C:\WINDOWS\system32\greenstd.exe (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: ZESOFT - Unknown owner - C:\WINDOWS\zeta.exe (file missing)