HijackThis Log - please do help, cannot sleep already..


  • This topic is locked
3 replies to this topic

#1 Guest_`````PGuess_*
  • Guests

Posted 18 January 2006 - 06:49 AM

Dears,


I'm asking for your help here, since for several days in a row already I have not been able to sleep normally: all my time is taken up by this computer of mine, which suddenly started to behave extremely strangely.

To make a long story short: a couple of days ago the performance of the computer suddenly became extremely slow. Task Manager shows extremely high CPU load from critical Windows processes, explorer.exe and services.exe. Sometimes the system even goes into a BSOD.

I could almost believe it's a hardware problem, but Safe Mode works just fine.

Things which have been done already to fix the problem:

- Checked with the latest anti-virus products from Kaspersky and Dr-Web
- Checked with anti-spyware removal tools: AdAware, Microsoft Anti-spyware, Windows Malicious Software Removal Tool, True Sword

All these programs found some trojans here and there, but True Sword found an enormous number of changed files among the typical Windows processes (lsass.exe, services.exe, etc.) and even in Logitech's SetPoint driver (which is itself suspicious, since Logitech cannot be supplying drivers with trojans).


In the end I tried turning off and on every Windows service that is not strictly needed, but all to no effect. Finally, I ran Sfc /scannow, and it apparently restored some original DLLs, but the computer is still extremely slow and the CPU load of the key processes is extremely high...


Please, help...


Here's the HijackThis log:


**************************************************************************************
Logfile of HijackThis v1.99.1
Scan saved at 9:10:03, on 18.01.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\System32\nvsvc32.exe
H:\Program Files\DrWeb\SpiderNT.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Logitech\iTouch\iTouch.exe
H:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe
H:\WINDOWS\System32\UAService7.exe
H:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
H:\PROGRA~1\DrWeb\spidernt.exe
H:\Program Files\Punto\ps.exe
H:\Program Files\Skype\Phone\Skype.exe
H:\Program Files\MSN Messenger\MsnMsgr.Exe
H:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Program Files\Ahead\Nero\nero.exe
H:\Documents and Settings\Konstantin\Desktop\New\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http= proxy.mtu.ru:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
R3 - URLSearchHook: (no name) - {30DA811B-BCBF-4aa7-B5E3-CEE0E03EF2B2} - (no file)
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - H:\Program Files\Common Files\ReGet Shared\Catcher.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\program files\google\googletoolbar2.dll
O3 - Toolbar: ReGet Bar - {17939A30-18E2-471E-9D3A-56DD725F1215} - H:\Internet\ReGetDx\iebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM\..\Run: [zBrowser Launcher] H:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [CnxDslTaskBar] "H:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe"
O4 - HKLM\..\Run: [CTSysVol] H:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [SBDrvDet] H:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SpIDerNT] H:\PROGRA~1\DrWeb\spidernt.exe /agent
O4 - HKLM\..\Run: [gcasServ] "H:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [Punto Switcher] H:\Program Files\Punto\ps.exe
O4 - HKCU\..\Run: [Skype] "H:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Logitech SetPoint.lnk = H:\Program Files\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://h:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://h:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://h:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://h:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Do&wnload by ReGet Deluxe - H:\Program Files\Common Files\ReGet Shared\CC_Link.htm
O8 - Extra context menu item: Download A&ll by ReGet Deluxe - H:\Program Files\Common Files\ReGet Shared\CC_All.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://h:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://h:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\WINDOWS\System32\msjava.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - H:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - H:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: h:\program files\bonjour\mdnsnsp.dll
O15 - Trusted Zone: http://v5.windowsupdate.microsoft.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1094466151453
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1122584952296
O18 - Protocol: mmdtp - {E62C17EA-223C-4022-881D-2796CCD31CA6} - C:\Program Files\Золотой фонд\mmdtp.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "H:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - H:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - H:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - H:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SpIDer Guard for Windows NT (spidernt) - Doctor Web, Ltd. - H:\Program Files\DrWeb\SpiderNT.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - H:\WINDOWS\System32\UAService7.exe
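
The log above is plain text with one entry per line, so it can be triaged programmatically. The following Python is an added example (not from the thread, the poster, or HijackThis itself): it parses a constructed subset of the posted entries into section codes and applies a few defensive review heuristics of my own, such as flagging entries whose file is missing, autostart commands without an absolute path, unknown Winsock LSPs, and a configured proxy.

```python
import re

# Constructed sample in the shape of the HijackThis v1.99.1 log posted above
# (entry text copied from that log; a subset, not the full log).
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http= proxy.mtu.ru:3128
R3 - URLSearchHook: (no name) - {30DA811B-BCBF-4aa7-B5E3-CEE0E03EF2B2} - (no file)
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM\..\Run: [SpIDerNT] H:\PROGRA~1\DrWeb\spidernt.exe /agent
O10 - Unknown file in Winsock LSP: h:\program files\bonjour\mdnsnsp.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "H:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Bonjour Service - Apple Computer, Inc. - H:\Program Files\Bonjour\mDNSResponder.exe
"""

# Entry lines start with a section code (R0-R3, F0-F3, N1-N4, O1-O24).
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d+) - (?P<body>.*)$")


def parse_hjt(text):
    """Return (section_code, body) pairs; header and process-list lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group("code"), m.group("body")))
    return entries


def triage(entries):
    """Attach review reasons to each entry (empty list = nothing stood out).
    These are analyst heuristics I chose for this example, not verdicts: each
    hit still needs the file checked (location, publisher, hash) before removal."""
    out = []
    for code, body in entries:
        reasons = []
        if "(no file)" in body or "(file missing)" in body:
            reasons.append("orphaned entry: the referenced file is absent")
        if code == "O4" and ":\\" not in body.split("] ", 1)[-1]:
            # Command line after [ValueName] names no absolute path, so the
            # file has to be located on disk before it can be trusted.
            reasons.append("autostart command without an absolute path")
        if code == "O10":
            reasons.append("Winsock LSP not on HijackThis's known list; verify publisher")
        if code == "R1" and "ProxyServer" in body:
            reasons.append("a proxy is configured; confirm it is intended")
        out.append((code, body, reasons))
    return out


def flagged(text):
    """Section codes of the entries that need a look, in log order."""
    return [code for code, _, reasons in triage(parse_hjt(text)) if reasons]
```

Run against the sample, `flagged(SAMPLE_LOG)` returns `["R1", "R3", "O4", "O10", "O18"]`; the second O4 line and the O23 service carry full paths and are left unflagged.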



#2 little eagle

    spyware hawk

  • Visiting Fellow
  • 8,968 posts
  • Interests:spyware

Posted 01 February 2006 - 10:23 AM

If you still need help and haven't posted at another forum, post another log from hijackthis. I will get to it as soon as I can.

Also updating and scanning with Spybot and Ad-aware would be a good idea.
Click here for Instructions on how to Scan with Spybot S&D and Ad-Aware

#3 Guest_`````PGuess_*
  • Guests

Posted 01 February 2006 - 02:11 PM

If you still need help and haven't posted at another forum, post another log from hijackthis. I will get to it as soon as I can.

Also updating and scanning with Spybot and Ad-aware would be a good idea.
Click here for Instructions on how to Scan with Spybot S&D and Ad-Aware



Thanks for replying, Little Eagle.
I did post in another forum, but there was not much they could advise me either. I had to completely reinstall the system.

#4 little eagle

    spyware hawk

  • Visiting Fellow
  • 8,968 posts
  • Interests:spyware

Posted 02 February 2006 - 09:45 AM

Sorry to hear that. Guess we'll close this thread. :blink:
