I have run Spybot S&D, however it is interrupted about 3/4ths of the way through with a "cabrotor error", fixed what I could, ran it again at startup, but it hung up and gave a "parameter incorrect" error.

Ran ad-aware, which also hung up at the end of the fix problem step.

Here is the HJT Log. Any help would be greatly appreciated!!!

Logfile of HijackThis v1.98.2
Scan saved at 4:10:36 PM, on 11/18/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\PTUDFAPP.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\CBFZEY.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP INSTANT DELIVERY\HPIDSCHD.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\CONFIG\VGAURL.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP INSTANT DELIVERY\HPIDLOG.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP INSTANT DELIVERY\HPIDDB.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\HJT\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer,Default_Search_URL = http://www.searchnow.ws/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: (no name) - {D6DFF6D8-B94B-4720-B730-1C38C7065C3B} - (no file)
F1 - win.ini: run=hpfsched
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\SYSTB.DLL (file missing)
O2 - BHO: CATLEvents Object - {3EC8E271-FAB9-418a-8A8E-65AEB4029E64} - C:\WINDOWS\TEMP\OFNISAB.DAT
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: CATLEvents Object - {F32F8ECD-6CF3-459D-82F2-9738392C85A8} - C:\WINDOWS\TEMP\OFNISAB.DAT
O2 - BHO: CATLEvents Object - {ED5ABC42-8E4F-4C39-9972-F0CF619D672F} - C:\WINDOWS\TEMP\SABOFNI.DAT
O2 - BHO: CATLEvents Object - {C69FA570-7FDE-4C49-A7BC-CB1CF24BE66B} - C:\WINDOWS\TEMP\LRUAGV.DAT
O2 - BHO: CATLEvents Object - {6A06CDAD-9D2D-42A0-9C91-C0CF7CB9971B} - C:\WINDOWS\TEMP\TENNIW.DAT
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [3dfx Tools] rundll32.exe 3dfxCmn.dll,UpdateRegSettings
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [sxzadppa] C:\WINDOWS\SYSTEM\cbfzey.exe
O4 - HKLM\..\Run: [BASINFO] C:\WINDOWS\HELP\BASINFO.EXE
O4 - HKLM\..\Run: [*BASINFO] C:\WINDOWS\HELP\BASINFO.EXE
O4 - HKLM\..\Run: [*NUTMFC] C:\WINDOWS\ASSEMBLY\NUTMFC.EXE
O4 - HKLM\..\Run: [*DOCAD] C:\WINDOWS\DOCAD.EXE
O4 - HKLM\..\Run: [*WAVEKEY] C:\WINDOWS\WEB\WAVEKEY.EXE
O4 - HKLM\..\Run: [*PCVB] C:\WINDOWS\SYSTEM\TEMP\PCVB.EXE
O4 - HKLM\..\Run: [*ODBCKEY] C:\WINDOWS\ASSEMBLY\ODBCKEY.EXE
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker0] "C:\PROGRAM FILES\EBATES_MOEMONEYMAKER\EbatesMoeMoneyMaker0.exe"
O4 - HKLM\..\Run: [*WEBINET] C:\WINDOWS\WEB\WEBINET.EXE
O4 - HKLM\..\Run: [*WINNET] C:\WINDOWS\HELP\WINNET.EXE
O4 - HKLM\..\Run: [*MCFTP] C:\WINDOWS\HELP\MCFTP.EXE
O4 - HKLM\..\Run: [*KBAD] C:\WINDOWS\APPPATCH\KBAD.EXE
O4 - HKLM\..\Run: [*BINMC] C:\WINDOWS\APPPATCH\BINMC.EXE
O4 - HKLM\..\Run: [*NUTREG] C:\WINDOWS\WEB\NUTREG.EXE
O4 - HKLM\..\Run: [HPID Scheduler] C:\Program Files\Hewlett-Packard\HP Instant Delivery\hpidschd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [czmhyvur] C:\WINDOWS\czmhyvur.exe
O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\SYSUPD.EXE
O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common files\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [lutwlen] C:\WINDOWS\lutwlen.exe
O4 - HKLM\..\Run: [*DISKXML] C:\WINDOWS\MSAGENT\DISKXML.EXE
O4 - HKLM\..\Run: [*INFOBAS] C:\WINDOWS\HELP\INFOBAS.EXE
O4 - HKLM\..\Run: [*vgaurl] C:\WINDOWS\CONFIG\VGAURL.EXE
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [WinTools] C:\Program Files\Common files\WinTools\WToolsA.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunOnce: [*vgaurl] C:\WINDOWS\CONFIG\VGAURL.EXE rerun
O4 - HKCU\..\Run: [ClockSync] C:\PROGRA~1\CLOCKS~1\Sync.exe /q
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\PROGRAM FILES\EBATES_MOEMONEYMAKER\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/drakken/us/win/QuickTimeInstaller.exe
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.netpaloffers.net/NetpalOffers/DMO1/sHtdntStnk.cab
O18 - Protocol: sashelploc - {9E6185F9-FFCD-11D1-830E-00A024BF297F} - C:\PROGRAM FILES\SAS\CORE\SASEXE\SASVHELP.DLL

R1 - HKCU\Software\Microsoft\Internet Explorer,Default_Search_URL = http://www.searchnow.ws/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: (no name) - {D6DFF6D8-B94B-4720-B730-1C38C7065C3B} - (no file)
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\SYSTB.DLL (file missing)
O2 - BHO: CATLEvents Object - {3EC8E271-FAB9-418a-8A8E-65AEB4029E64} - C:\WINDOWS\TEMP\OFNISAB.DAT
O2 - BHO: CATLEvents Object - {F32F8ECD-6CF3-459D-82F2-9738392C85A8} - C:\WINDOWS\TEMP\OFNISAB.DAT
O2 - BHO: CATLEvents Object - {ED5ABC42-8E4F-4C39-9972-F0CF619D672F} - C:\WINDOWS\TEMP\SABOFNI.DAT
O2 - BHO: CATLEvents Object - {C69FA570-7FDE-4C49-A7BC-CB1CF24BE66B} - C:\WINDOWS\TEMP\LRUAGV.DAT
O2 - BHO: CATLEvents Object - {6A06CDAD-9D2D-42A0-9C91-C0CF7CB9971B} - C:\WINDOWS\TEMP\TENNIW.DAT
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [sxzadppa] C:\WINDOWS\SYSTEM\cbfzey.exe
O4 - HKLM\..\Run: [BASINFO] C:\WINDOWS\HELP\BASINFO.EXE
O4 - HKLM\..\Run: [*BASINFO] C:\WINDOWS\HELP\BASINFO.EXE
O4 - HKLM\..\Run: [*NUTMFC] C:\WINDOWS\ASSEMBLY\NUTMFC.EXE
O4 - HKLM\..\Run: [*DOCAD] C:\WINDOWS\DOCAD.EXE
O4 - HKLM\..\Run: [*WAVEKEY] C:\WINDOWS\WEB\WAVEKEY.EXE
O4 - HKLM\..\Run: [*PCVB] C:\WINDOWS\SYSTEM\TEMP\PCVB.EXE
O4 - HKLM\..\Run: [*ODBCKEY] C:\WINDOWS\ASSEMBLY\ODBCKEY.EXE
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker0] "C:\PROGRAM FILES\EBATES_MOEMONEYMAKER\EbatesMoeMoneyMaker0.ex e"
O4 - HKLM\..\Run: [*WEBINET] C:\WINDOWS\WEB\WEBINET.EXE
O4 - HKLM\..\Run: [*WINNET] C:\WINDOWS\HELP\WINNET.EXE
O4 - HKLM\..\Run: [*MCFTP] C:\WINDOWS\HELP\MCFTP.EXE
O4 - HKLM\..\Run: [*KBAD] C:\WINDOWS\APPPATCH\KBAD.EXE
O4 - HKLM\..\Run: [*BINMC] C:\WINDOWS\APPPATCH\BINMC.EXE
O4 - HKLM\..\Run: [*NUTREG] C:\WINDOWS\WEB\NUTREG.EXE
O4 - HKLM\..\Run: [lutwlen] C:\WINDOWS\lutwlen.exe
O4 - HKLM\..\Run: [*DISKXML] C:\WINDOWS\MSAGENT\DISKXML.EXE
O4 - HKLM\..\Run: [*INFOBAS] C:\WINDOWS\HELP\INFOBAS.EXE
O4 - HKLM\..\Run: [*vgaurl] C:\WINDOWS\CONFIG\VGAURL.EXE
O4 - HKLM\..\RunServices: [WinTools] C:\Program Files\Common files\WinTools\WToolsA.exe
O4 - HKLM\..\RunOnce: [*vgaurl] C:\WINDOWS\CONFIG\VGAURL.EXE rerun
O4 - HKCU\..\Run: [ClockSync] C:\PROGRA~1\CLOCKS~1\Sync.exe /q
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\PROGRAM FILES\EBATES_MOEMONEYMAKER\Sy350\Tp350\scri350a.ht m (file missing) (HKCU)
O18 - Protocol: sashelploc - {9E6185F9-FFCD-11D1-830E-00A024BF297F} - C:\PROGRAM FILES\SAS\CORE\SASEXE\SASVHELP.DLL

Fix those entries then find and delete the files listed above, reboot and post a new log.

And with all that crap, you should be glad your computer still worked. Probably another week and it wouldn't.

Shall do... Thankfully it is not MY computer. But if you thought that was bad wait till I post the log from my son's computer.

Thanks for the help

Sherry

Could not remove cbfzey.exe, even in safe mode ... any suggestions?

Here is the new log. Thanks again for your help.

Sherry

Logfile of HijackThis v1.98.2
Scan saved at 1:23:41 PM, on 11/30/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\PTUDFAPP.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP INSTANT DELIVERY\HPIDSCHD.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\CONFIG\VGAURL.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP INSTANT DELIVERY\HPIDLOG.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP INSTANT DELIVERY\HPIDDB.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\HJT\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
F1 - win.ini: run=hpfsched
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: CATLEvents Object - {C69FA570-7FDE-4C49-A7BC-CB1CF24BE66B} - C:\WINDOWS\TEMP\LRUAGV.DAT
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [3dfx Tools] rundll32.exe 3dfxCmn.dll,UpdateRegSettings
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [HPID Scheduler] C:\Program Files\Hewlett-Packard\HP Instant Delivery\hpidschd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [czmhyvur] C:\WINDOWS\czmhyvur.exe
O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\SYSUPD.EXE
O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common files\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [lutwlen] C:\WINDOWS\lutwlen.exe
O4 - HKLM\..\Run: [*vgaurl] C:\WINDOWS\CONFIG\VGAURL.EXE
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [WinTools] C:\Program Files\Common files\WinTools\WToolsA.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunOnce: [*vgaurl] C:\WINDOWS\CONFIG\VGAURL.EXE rerun
O4 - HKCU\..\RunOnce: [*WinLogon] C:\WINDOWS\CONFIG\SRVAS.EXE ren time:1100965723
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/drakken/us/win/QuickTimeInstaller.exe
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.netpaloffers.net/NetpalOffers/DMO1/sHtdntStnk.cab

O4 - HKLM\..\Run: [czmhyvur] C:\WINDOWS\czmhyvur.exe
O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\SYSUPD.EXE
O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common files\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [lutwlen] C:\WINDOWS\lutwlen.exe
O4 - HKLM\..\Run: [*vgaurl] C:\WINDOWS\CONFIG\VGAURL.EXE
O4 - HKLM\..\RunServices: [WinTools] C:\Program Files\Common files\WinTools\WToolsA.exe
O4 - HKLM\..\RunOnce: [*vgaurl] C:\WINDOWS\CONFIG\VGAURL.EXE rerun
O4 - HKCU\..\RunOnce: [*WinLogon] C:\WINDOWS\CONFIG\SRVAS.EXE ren time:1100965723
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsol...ArcadeRdxIE.cab
O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.netpaloffers.net/NetpalO.../sHtdntStnk.cab

Fix those entries then find and delete the files listed above, reboot and post a new log.

Still can't delete VGAURL.exe

Here's the latest log


Thanks again for all your help.

Sherry

Logfile of HijackThis v1.98.2
Scan saved at 5:00:07 PM, on 11/30/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\PTUDFAPP.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP INSTANT DELIVERY\HPIDSCHD.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\CONFIG\VGAURL.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP INSTANT DELIVERY\HPIDLOG.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP INSTANT DELIVERY\HPIDDB.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\HJT\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
F1 - win.ini: run=hpfsched
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: CATLEvents Object - {C69FA570-7FDE-4C49-A7BC-CB1CF24BE66B} - C:\WINDOWS\TEMP\LRUAGV.DAT
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [3dfx Tools] rundll32.exe 3dfxCmn.dll,UpdateRegSettings
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [HPID Scheduler] C:\Program Files\Hewlett-Packard\HP Instant Delivery\hpidschd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [*vgaurl] C:\WINDOWS\CONFIG\VGAURL.EXE
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunOnce: [*vgaurl] C:\WINDOWS\CONFIG\VGAURL.EXE rerun
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/drakken/us/win/QuickTimeInstaller.exe