
Aim Virus...Picture.pif Please help

I clicked on the link in my friend's profile. Didn't know it was a virus.
Already tried using ad-aware and my anti-virus avast and it didn't pick anything up

If someone could help me out it would be greatly appreciated.

Here is my logfile:

Logfile of HijackThis v1.99.1
Scan saved at 1:10:06 AM, on 1/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\COMPAQ\Compaq Advisor\bin\compaq-rba.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.EXE
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\WINDOWS\system32\winslogin.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\AL\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://rd.yahoo.com/customize/yessentials_cq/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=consumerfav&c=2c02&lc=0409
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=consumerfav&c=2c02&lc=0409
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://rd.yahoo.com/customize/yessentials_cq/defaults/su/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/yessentials_cq/defaults/sb/*http://www.yahoo.com/search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=consumerfav&c=1c02&lc=0409
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Compaq
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: YBIOCtrl Class - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\WINDOWS\Downloaded Program Files\ycomp4,0,2,2.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\COMPAQ\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Microsoft Logon Event] winslogin.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\RunOnce: [Microsoft Logon Event] winslogin.exe
O4 - HKCU\..\RunOnce: [*AIMFix] C:\Documents and Settings\AL\Desktop\AIMFix.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=consumerfav&c=2c02&lc=0409
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Compaq Advisor (Compaq_RBA) - NeoPlanet - C:\Program Files\COMPAQ\Compaq Advisor\bin\compaq-rba.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

Comments

  • edited January 2006
    Anyone?
    Please help
  • Trogan London, UK
    edited January 2006
    Hi, Welcome to Short-Media :)
    -

    Check the following in HJT and click 'Fix Checked' - Close ALL open Browsers first

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp

    O4 - HKLM\..\Run: [Microsoft Logon Event] winslogin.exe
    O4 - HKCU\..\RunOnce: [Microsoft Logon Event] winslogin.exe

    --

    We need to do a search. Click Start > Search > All Files and Folders.
    Expand Search Options, check Advanced Options, check Search system folders, Search hidden files and folders, and Search Subfolders.
    Paste this into the Search for files and folders named box:

    winslogin.exe

    If any of these files are found please delete them.
    -


    Reboot and post a new HJT log :)

    How is AIM now?
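
Added example, not part of the thread and not the responder's own method: one way to surface startup entries like the `winslogin.exe` lines listed above is to parse a HijackThis log's O4 (autostart) lines and flag programs launched by bare file name and names within two edits of a Windows system process. The reference name list, the distance threshold and the function names are assumptions for illustration; the sample lines are excerpted from the first log in this thread.

```python
import re

# Assumed reference list: Windows system process names that appear in the
# log's process list and that malware file names often imitate.
SYSTEM_NAMES = ("winlogon", "svchost", "lsass", "services", "smss",
                "spoolsv", "explorer", "rundll32")

# Registry form:  O4 - <key>: [<value name>] <command>
# Startup folder: O4 - <folder>: <shortcut>.lnk = <target>
O4_LINE = re.compile(
    r"^O4 - (?P<loc>.+?): (?:\[(?P<name>.*?)\] |(?P<lnk>.+?) = )(?P<cmd>.+)$")
EXE_PATH = re.compile(r"(.+?\.(?:exe|com|bat|cmd|pif|scr))(?:\s|$)", re.I)

# Lines excerpted from the first HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Microsoft Logon Event] winslogin.exe
O4 - HKCU\..\RunOnce: [Microsoft Logon Event] winslogin.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
"""


def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]


def executable_of(cmd):
    """Return the program part of an autorun command, without arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0]
    m = EXE_PATH.match(cmd)
    return m.group(1) if m else cmd.split()[0]


def parse_o4(log_text):
    """Return one dict per O4 (autostart) line in a HijackThis log."""
    entries = []
    for line in log_text.splitlines():
        m = O4_LINE.match(line.strip())
        if m:
            name = m["name"] if m["name"] is not None else m["lnk"]
            entries.append({"location": m["loc"], "entry": name,
                            "exe": executable_of(m["cmd"])})
    return entries


def triage(log_text, max_distance=2):
    """Flag autostart entries that deserve a manual look."""
    findings = []
    for e in parse_o4(log_text):
        flags = []
        if not re.search(r"[\\/]", e["exe"]):
            flags.append("bare-name")  # no directory: found via search path
        stem = re.split(r"[\\/]", e["exe"])[-1].lower().rsplit(".", 1)[0]
        near = min(SYSTEM_NAMES, key=lambda s: edit_distance(stem, s))
        if 0 < edit_distance(stem, near) <= max_distance:
            flags.append("lookalike:" + near)  # close to, not equal to
        if flags:
            findings.append({**e, "flags": flags})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f["location"], f["entry"], f["exe"], f["flags"])
```

Neither flag is a verdict on its own: `carpserv.exe` in the same log is also launched by bare name and was not listed for removal in the reply.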
  • edited January 2006
    Thanks so much. You're the man(or girl) not sure if you're m or f.
  • Trogan London, UK
    edited January 2006
    Male :)

    Glad things are working.


    Now that your PC is clean you need to follow these easy steps to keeping it this way:

    Secure your Internet Explorer by going here and following the instructions there.

    Better yet, use an alternative browser! Download FireFox and give it a run. It is far more secure than Internet Explorer. Or, you can get Opera which in my opinion, is better still.

    Use a firewall to help prevent your PC's control being usurped by undesirables.

    Install and keep updated, Ad-Aware SE, and Spybot S&D.
    Run them both on a regular basis, following the manufacturer's recommendations.

    Install and keep updated, SpywareBlaster 3.4

    Install an anti-virus. There are some good, free AV's available today. Make sure that it is updated regularly and have it scan your system often.

    Check for Windows Updates. Microsoft regularly posts updates for your system's safe running. Make sure to take advantage of this. Reboot when installed and return to make sure there are no others.


    Clear your Temp folders.
    Clear out your Temporary internet files and other temp files.
    Go to Start > Settings > Control Panel >Internet Options.

    Under the General tab click the Delete temporary internet files,
    delete all Offline content as well. Clear out Cookies.

    Also, go to Start > Find/search > Files or folders > in the named box, type: *.tmp and choose Edit > select all -> File > delete.

    Empty/delete the entire contents of the C:\Windows\temp folder and C:\temp folder, if you have one. (Contents but not the folder itself.)

    C:\Documents and Settings\username\Local Settings\Temp\

    In order to view these files you may have to select 'show hidden files/folders.' Instructions on how to here.

    Empty the Recycle Bin.

    For XP users.
    After something like this it is a good idea to Flush the Restore Points and start fresh.
    To flush the XP system Restore Points.

    Go to Start>Run and type msconfig. Press enter.

    When msconfig opens, click the Launch System Restore Button.
    On the next page, click the System Restore Settings link on the left.

    Check the box labelled 'Turn off System restore'.

    Reboot. Go back in and Turn System Restore Back on. A new Restore Point will be created.

    Note that all previous restore points will be lost.

    ===============

    If you have any more problems, post back.


  • edited January 2006
    yea here is what i use bro

    Anti-virus-Avast
    Firewall-Sygate
    Spyware- Ad aware, spy doctor
    Browser-Mozilla.

    I never usually have problems with my comp, I'm just stupid and clicked on that pic link in my friend's profile and I got it.

    But thanks for everything buddy. Greatly appreciate it

    My friend has the virus now too!!!
    If you have time can you fix his too?

    Here's his logfile

    Logfile of HijackThis v1.99.1
    Scan saved at 6:23:51 PM, on 1/3/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:..WINDOWS..System32..smss.exe
    C:..WINDOWS..system32..winlogon.exe
    C:..WINDOWS..system32..services.exe
    C:..WINDOWS..system32..lsass.exe
    C:..WINDOWS..system32..svchost.exe
    C:..WINDOWS..System32..svchost.exe
    C:..WINDOWS..system32..LEXBCES.EXE
    C:..WINDOWS..system32..spoolsv.exe
    C:..WINDOWS..system32..LEXPPS.EXE
    c:..Program Files..Common Files..Symantec Shared..ccEvtMgr.exe
    C:..WINDOWS..System32..spool..drivers..w32x86..hpzstatn.exe
    C:..WINDOWS..msoevc.exe
    c:..Program Files..Norton AntiVirus..navapsvc.exe
    C:..WINDOWS..System32..nvsvc32.exe
    C:..Program Files..Softex..OmniPass..Omniserv.exe
    C:..WINDOWS..System32..svchost.exe
    C:..Program Files..Common Files..Symantec Shared..Security Center..SymWSC.exe
    C:..Program Files..Softex..OmniPass..OPXPApp.exe
    C:..WINDOWS..Explorer.EXE
    C:..windows..system..hpsysdrv.exe
    C:..Program Files..Hewlett-Packard..Digital Imaging..Unload..hpqcmon.exe
    C:..Program Files..Hewlett-Packard..HP Share-to-Web..hpgs2wnd.exe
    C:..HP..KBD..KBD.EXE
    C:..Program Files..Common Files..Symantec Shared..ccApp.exe
    C:..Program Files..Hewlett-Packard..PhotoSmart..Photo Imaging..Hpi_Monitor.exe
    C:..Program Files..Common Files..Microsoft Shared..Works Shared..WkUFind.exe
    C:..Program Files..Lexmark 3100 Series..lxbrbmgr.exe
    C:..PROGRA~1..LEXMAR~1..LXBRKsk.exe
    C:..Program Files..iTunes..iTunesHelper.exe
    c:..Program Files..Hewlett-Packard..HP Share-to-Web..hpgs2wnf.exe
    C:..Program Files..QuickTime..qttask.exe
    C:..Program Files..Lexmark 3100 Series..lxbrbmon.exe
    C:..Program Files..Lexmark 3100 Series..lxbrcmon.exe
    C:..WINDOWS..system32..RUNDLL32.EXE
    C:..Program Files..iPod..bin..iPodService.exe
    C:..PROGRA~1..PANICW~1..POP-UP~1..PSFree.exe
    C:..Program Files..AIM..aim.exe
    C:..WINDOWS..system32..rundll32.exe
    C:..WINDOWS..newfrn.exe
    C:..Program Files..Mozilla Firefox..firefox.exe
    C:..DOCUME~1..Owner..LOCALS~1..Temp..Temporary Directory 1 for hijackthis.zip..HijackThis.exe

    R1 - HKCU..Software..Microsoft..Internet Explorer..Main,Default_Page_URL = www.finalcom.net
    R1 - HKCU..Software..Microsoft..Internet Explorer..Main,Default_Search_URL = www.google.com
    R1 - HKCU..Software..Microsoft..Internet Explorer..Main,Search Bar = www.google.com
    R0 - HKCU..Software..Microsoft..Internet Explorer..Main,Start Page = http://www.adelphia.net/
    R1 - HKLM..Software..Microsoft..Internet Explorer..Main,Search Bar = www.google.com
    R1 - HKLM..Software..Microsoft..Internet Explorer..Main,Search Page = http://searchbar.findthewebsiteyouneed.com
    R0 - HKLM..Software..Microsoft..Internet Explorer..Main,Start Page =
    R0 - HKLM..Software..Microsoft..Internet Explorer..Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
    R1 - HKCU..Software..Microsoft..Internet Explorer..Main,Window Title = Final Communications
    R1 - HKCU..Software..Microsoft..Windows..CurrentVersion..Internet Settings,ProxyOverride = localhost
    R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:..Program Files..AOL..AOL Toolbar 2.0..aoltb.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:..Program Files..Adobe..Acrobat 7.0..ActiveX..AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:..PROGRA~1..SPYBOT~1..SDHelper.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:..Program Files..AOL..AOL Toolbar 2.0..aoltb.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:..program files..google..googletoolbar1.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:..Program Files..Norton AntiVirus..NavShExt.dll
    O2 - BHO: (no name) - {C5AF2622-8C75-4dfb-9693-23AB7686A456} - C:..WINDOWS..DH.dll
    O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:..HP..EXPLOREBAR..HPTOOLKT.DLL
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:..Program Files..Norton AntiVirus..NavShExt.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:..Program Files..AOL..AOL Toolbar 2.0..aoltb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:..program files..google..googletoolbar1.dll
    O4 - HKLM......Run: [hpsysdrv] c:..windows..system..hpsysdrv.exe
    O4 - HKLM......Run: [HotKeysCmds] C:..WINDOWS..System32..hkcmd.exe
    O4 - HKLM......Run: [CamMonitor] c:..Program Files..Hewlett-Packard..Digital Imaging..Unload..hpqcmon.exe
    O4 - HKLM......Run: [Share-to-Web Namespace Daemon] c:..Program Files..Hewlett-Packard..HP Share-to-Web..hpgs2wnd.exe
    O4 - HKLM......Run: [KBD] C:..HP..KBD..KBD.EXE
    O4 - HKLM......Run: [Recguard] C:..WINDOWS..SMINST..RECGUARD.EXE
    O4 - HKLM......Run: [NvCplDaemon] RUNDLL32.EXE C:..WINDOWS..System32..NvCpl.dll,NvStartup
    O4 - HKLM......Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM......Run: [ccApp] "c:..Program Files..Common Files..Symantec Shared..ccApp.exe"
    O4 - HKLM......Run: [ccRegVfy] "c:..Program Files..Common Files..Symantec Shared..ccRegVfy.exe"
    O4 - HKLM......Run: [hpfsched] C:..WINDOWS..hpfsched.exe
    O4 - HKLM......Run: [HPDJ Taskbar Utility] C:..WINDOWS..System32..spool..drivers..w32x86..3..hpztsb04.exe
    O4 - HKLM......Run: [CXMon] "C:..Program Files..Hewlett-Packard..PhotoSmart..Photo Imaging..Hpi_Monitor.exe"
    O4 - HKLM......Run: [Micro Update] dailin.exe
    O4 - HKLM......Run: [Print Spooler] spools.exe
    O4 - HKLM......Run: [Message] mpsvc.exe
    O4 - HKLM......Run: [Microsoft Works Update Detection] C:..Program Files..Common Files..Microsoft Shared..Works Shared..WkUFind.exe
    O4 - HKLM......Run: [Spyware Stormer] C:..Program Files..Spyware Stormer..SpywareStormer.Exe
    O4 - HKLM......Run: [Lexmark 3100 Series] "C:..Program Files..Lexmark 3100 Series..lxbrbmgr.exe"
    O4 - HKLM......Run: [LXBRKsk] C:..PROGRA~1..LEXMAR~1..LXBRKsk.exe
    O4 - HKLM......Run: [Symantec NetDriver Monitor] C:..PROGRA~1..SYMNET~1..SNDMon.exe
    O4 - HKLM......Run: [tgcmd] "c:..Program Files..Adelphia HSAgent..bin..tgcmd.exe" /server /startmonitor /deaf
    O4 - HKLM......Run: [MsgCenterExe] "C:..Program Files..Common Files..Real..Update_OB..RealOneMessageCenter.exe" -osboot
    O4 - HKLM......Run: [iTunesHelper] "C:..Program Files..iTunes..iTunesHelper.exe"
    O4 - HKLM......Run: [QuickTime Task] "C:..Program Files..QuickTime..qttask.exe" -atboottime
    O4 - HKLM......Run: [timessquare] C:..windows..timessquare.exe
    O4 - HKLM......Run: [0sis001w.dll] RUNDLL32.EXE 0sis001w.dll,b 14656531
    O4 - HKLM......Run: [adtech2006] C:..windows..adtech2006a.exe
    O4 - HKLM......Run: [drsmartloadb] c:....drsmartloadb.exe
    O4 - HKLM......Run: [winsync] C:..WINDOWS..system32..pwiipq.exe reg_run
    O4 - HKLM......Run: [NewFrn] C:..WINDOWS..newfrn.exe
    O4 - HKLM......RunServices: [Micro Update] dailin.exe
    O4 - HKLM......RunServices: [Print Spooler] spools.exe
    O4 - HKLM......RunServices: [Message] mpsvc.exe
    O4 - HKCU......Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    O4 - HKCU......Run: [PopUpStopperFreeEdition] "C:..PROGRA~1..PANICW~1..POP-UP~1..PSFree.exe"
    O4 - HKCU......Run: [AIM] C:..Program Files..AIM..aim.exe -cnetwait.odl
    O4 - HKCU......Run: [Micro Update] dailin.exe
    O4 - HKCU......Run: [Message] mpsvc.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:..Program Files..Adobe..Acrobat 7.0..Reader..reader_sl.exe
    O8 - Extra context menu item: &AOL Toolbar Search - res://c:..program files..aol..aol toolbar 2.0..aoltbhtml.dll/search.html
    O8 - Extra context menu item: &Google Search - res://c:..program files..google..GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:..program files..google..GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:..program files..google..GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:..program files..google..GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://c:..program files..google..GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:..program files..google..GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:..Program Files..AOL..AOL Toolbar 2.0..aoltb.dll
    O9 - Extra button: PokerNow.net - {3CB10829-C0BC-468a-AE91-E88AC48CB345} - C:..Program Files..PokerNow.net..PokerNownet.exe
    O9 - Extra 'Tools' menuitem: PokerNow.net - {3CB10829-C0BC-468a-AE91-E88AC48CB345} - C:..Program Files..PokerNow.net..PokerNownet.exe
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:..Program Files..AIM..aim.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:..Program Files..Messenger..msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:..Program Files..Messenger..msmsgs.exe
    O12 - Plugin for .spop: C:..Program Files..Internet Explorer..Plugins..NPDocBox.dll
    O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.adelphia.net/sdccommon/download/tgctlins.cab
    O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
    O16 - DPF: {346685E3-C383-11CF-A5A4-00AA00A45705} (Image Control) - http://www.equipment-locator.com/Components/PhotoUp/image.cab
    O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
    O20 - Winlogon Notify: igfxcui - C:..WINDOWS..SYSTEM32..igfxsrvc.dll
    O20 - Winlogon Notify: OPXPGina - C:..Program Files..Softex..OmniPass..opxpgina.dll
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:..Program Files..Common Files..Symantec Shared..ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - c:..Program Files..Common Files..Symantec Shared..ccPwdSvc.exe
    O23 - Service: Printer Status Server (hpzstatn) - Hewlett-Packard Company - C:..WINDOWS..System32..spool..drivers..w32x86..hpzstatn.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:..Program Files..Common Files..InstallShield..Driver..11..Intel 32..IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:..Program Files..iPod..bin..iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:..WINDOWS..system32..LEXBCES.EXE
    O23 - Service: OSdebug (Microsoft Regulator) - Unknown owner - C:..WINDOWS..msoevc.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:..Program Files..Norton AntiVirus..navapsvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:..WINDOWS..System32..nvsvc32.exe
    O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:..Program Files..Softex..OmniPass..Omniserv.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:..Program Files..Common Files..Symantec Shared..SNDSrvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:..Program Files..Common Files..Symantec Shared..Security Center..SymWSC.exe
  • Trogan London, UK
    edited January 2006
    That log seems kinda strange. It has all those "..." lines in there.

    Get your friend to post a new HJT log.