The Hijackthis web site said to post this here and Someone would be able to help me in choosing what to delete, thank
Logfile of HijackThis v1.97.
Scan saved at 12:27:42 PM, on 1/23/200
Platform: Windows XP (WinNT 5.01.2600
MSIE: Internet Explorer v6.00 (6.00.2600.0000
Running processes
C:\WINDOWS\System32\smss.ex
C:\WINDOWS\system32\winlogon.ex
C:\WINDOWS\system32\services.ex
C:\WINDOWS\system32\lsass.ex
C:\WINDOWS\system32\svchost.ex
C:\WINDOWS\System32\svchost.ex
C:\WINDOWS\Explorer.EX
C:\WINDOWS\system32\spoolsv.ex
C:\Program Files\Common Files\Real\Update_OB\realsched.ex
C:\WINDOWS\System32\msrexe.ex
C:\WINDOWS\svchost.ex
C:\Program Files\Messenger\msmsgs.ex
C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\HelpCtr.ex
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.ex
C:\Program Files\Internet Explorer\iexplore.ex
C:\WINDOWS\System32\wuauclt.ex
C:\Program Files\Common Files\Real\Update_OB\rnathchk.ex
C:\Documents and Settings\main\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.ex
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL =
http://zw.com.tw:3128@DF809JOW4WJ2304LFD0SF9FSD0A2T4LDF809JOW4WJ2304LFD0SF9FSD0A2T4LD.BIZ/search.htm (obfuscated
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://t.rack.cc/s.php?aid=3
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://t.rack.cc/s.php?aid=3
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://t.rack.cc/h.php?aid=3
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://t.rack.cc/s.php?aid=3
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://t.rack.cc/h.php?aid=3
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://t.rack.cc/s.php?aid=3
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://t.rack.cc/s.php?aid=3
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://zw.com.tw:3128@DF809JOW4WJ2304LFD0SF9FSD0A2T4LDF809JOW4WJ2304LFD0SF9FSD0A2T4LD.BIZ/search.htm (obfuscated
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://t.rack.cc/s.php?aid=3
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP =
http://t.rack.cc/h.php?aid=3
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.oc
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dl
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.oc
O4 - HKLM\..\Run: [USRpdA] C:\WINDOWS\SYSTEM32\USRmlnkA.exe RunServices \Device\3cpipe-USRpd
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboo
O4 - HKLM\..\Run: [System Service] C:\WINDOWS\System32\msrexe.ex
O4 - HKLM\..\Run: [sys] regedit -s sys.re
O4 - HKLM\..\Run: [Online Service] C:\WINDOWS\svchost.ex
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroun
O4 - HKCU\..\Run: [PrivateNet] C:\PrivateNet\HORNY_COEDS_54[1].exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EX
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/300
O9 - Extra button: SEARCH (HKLM
O9 - Extra button: ENTERTAINMENT (HKLM
O9 - Extra button: PILLS (HKLM
O9 - Extra button: SECURITY (HKLM
O9 - Extra button: SEARCH (HKLM
O9 - Extra button: Messenger (HKLM
O9 - Extra 'Tools' menuitem: Messenger (HKLM
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dl
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37885.975416666
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.ca