[Closed] Smitfraud and Zlob worm imitator

I used this to check if there were any remains of a smitfruad and zlob infection I am trying to get rid of, I wishto know if anything from this log file is harmful and are bits and pieces of that infection This is the 5th time I've used a number of programs to get rid of the worm files, but they keep coming back and I believe HiJackThis has the answers to what files I missed
 
 
Logfile of HijackThis v1.99.1 
Scan saved at 10:03:54 PM, on 4/26/2008 
Platform: Windows XP SP2 (WinNT 5.01.2600) 
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes: 
C:\\\\WINDOWS\\\\System32\\\\smss.exe 
C:\\\\WINDOWS\\\\system32\\\\winlogon.exe 
C:\\\\WINDOWS\\\\system32\\\\services.exe 
C:\\\\WINDOWS\\\\system32\\\\lsass.exe 
C:\\\\WINDOWS\\\\system32\\\\svchost.exe 
C:\\\\WINDOWS\\\\system32\\\\svchost.exe 
C:\\\\WINDOWS\\\\explorer.exe 
C:\\\\Documents and Settings\\\\Owner\\\\Desktop\\\\HijackThis.exe
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\\\\PROGRA~1\\\\Yahoo!\\\\Companion\\\\Installs\\\\cpn\\\\yt.dll 
F2 - REG:system.ini: Shell=explorer.exe 
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\\\\Program Files\\\\Orbitdownloader\\\\orbitcth.dll 
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\\\\PROGRA~1\\\\Yahoo!\\\\Companion\\\\Installs\\\\cpn\\\\yt.dll 
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\\\\Program Files\\\\Adobe\\\\Acrobat 7.0\\\\ActiveX\\\\AcroIEHelper.dll 
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\\\\PROGRA~1\\\\SPYBOT~1\\\\SDHelper.dll 
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) 
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\\\Program Files\\\\Common Files\\\\Microsoft Shared\\\\Windows Live\\\\WindowsLiveLogin.dll 
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\\\\program files\\\\google\\\\googletoolbar1.dll 
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\\\\Program Files\\\\Windows Live Toolbar\\\\msntb.dll 
O2 - BHO: (no name) - {C57910E2-F661-4E22-8972-EEB5EBD8C43C} - (no file) 
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\\\\program files\\\\google\\\\googletoolbar1.dll 
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\\\\PROGRA~1\\\\Yahoo!\\\\Companion\\\\Installs\\\\cpn\\\\yt.dll 
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\\\\Program Files\\\\Windows Live Toolbar\\\\msntb.dll 
O3 - Toolbar: dpevflbg - {C71F6A92-8438-46A4-9237-15A1F1AF179D} - C:\\\\WINDOWS\\\\dpevflbg.dll 
O4 - HKLM\\\\..\\\\Run: [ehTray] C:\\\\WINDOWS\\\\ehome\\\\ehtray.exe 
O4 - HKLM\\\\..\\\\Run: [NeroFilterCheck] C:\\\\WINDOWS\\\\system32\\\\NeroCheck.exe 
O4 - HKLM\\\\..\\\\Run: [SunKistEM] C:\\\\Program Files\\\\Digital Media Reader\\\\shwiconem.exe 
O4 - HKLM\\\\..\\\\Run: [CHotkey] zHotkey.exe 
O4 - HKLM\\\\..\\\\Run: [SigmatelSysTrayApp] sttray.exe 
O4 - HKLM\\\\..\\\\Run: [IntelAudioStudio] \\”C:\\\\Program Files\\\\Intel Audio Studio\\\\IntelAudioStudio.exe\\” BOOT 
O4 - HKLM\\\\..\\\\Run: [Reminder] %WINDIR%\\\\Creator\\\\Remind_XP.exe 
O4 - HKLM\\\\..\\\\Run: [Recguard] %WINDIR%\\\\SMINST\\\\RECGUARD.EXE 
O4 - HKLM\\\\..\\\\Run: [RemoteControl] \\”C:\\\\Program Files\\\\CyberLink\\\\PowerDVD\\\\PDVDServ.exe\\” 
O4 - HKLM\\\\..\\\\Run: [IgfxTray] C:\\\\WINDOWS\\\\system32\\\\igfxtray.exe 
O4 - HKLM\\\\..\\\\Run: [HotKeysCmds] C:\\\\WINDOWS\\\\system32\\\\hkcmd.exe 
O4 - HKLM\\\\..\\\\Run: [Persistence] C:\\\\WINDOWS\\\\system32\\\\igfxpers.exe 
O4 - HKLM\\\\..\\\\Run: [QuickTime Task] \\”C:\\\\Program Files\\\\QuickTime\\\\QTTask.exe\\” -atboottime 
O4 - HKLM\\\\..\\\\Run: [iTunesHelper] \\”C:\\\\Program Files\\\\iTunes\\\\iTunesHelper.exe\\” 
O4 - HKLM\\\\..\\\\Run: [avgnt] \\”C:\\\\Program Files\\\\Avira\\\\AntiVir PersonalEdition Classic\\\\avgnt.exe\\” /min 
O4 - HKLM\\\\..\\\\Run: [EPSON Stylus CX4200 Series] C:\\\\WINDOWS\\\\System32\\\\spool\\\\DRIVERS\\\\W32X86\\\\3\\\\E_FATIAEA.EXE /P26 \\”EPSON Stylus CX4200 Series\\” /O6 \\”USB001\\” /M \\”Stylus CX4200\\” 
O4 - HKLM\\\\..\\\\Run: [EPSON Stylus CX4200 Series (Copy 1)] C:\\\\WINDOWS\\\\System32\\\\spool\\\\DRIVERS\\\\W32X86\\\\3\\\\E_FATIAEA.EXE /P35 \\”EPSON Stylus CX4200 Series (Copy 1)\\” /O6 \\”USB001\\” /M \\”Stylus CX4200\\” 
O4 - HKCU\\\\..\\\\Run: [Yahoo! Pager] \\”C:\\\\Program Files\\\\Yahoo!\\\\Messenger\\\\YahooMessenger.exe\\” -quiet 
O4 - HKCU\\\\..\\\\Run: [ctfmon.exe] C:\\\\WINDOWS\\\\system32\\\\ctfmon.exe 
O4 - HKCU\\\\..\\\\Run: [updateMgr] C:\\\\Program Files\\\\Adobe\\\\Acrobat 7.0\\\\Reader\\\\AdobeUpdateManager.exe AcRdB7_0_9 
O4 - HKCU\\\\..\\\\Run: [SpybotSD TeaTimer] C:\\\\Program Files\\\\Spybot - Search & Destroy\\\\TeaTimer.exe 
O4 - HKCU\\\\..\\\\Run: [MSMSGS] \\”C:\\\\Program Files\\\\Messenger\\\\msmsgs.exe\\” /background 
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\\\\Program Files\\\\Adobe\\\\Acrobat 7.0\\\\Reader\\\\reader_sl.exe 
O4 - Global Startup: Install Pending Files.LNK = C:\\\\Program Files\\\\SIFXINST\\\\SIFXINST.EXE 
O8 - Extra context menu item: &AOL Toolbar search - res://C:\\\\Program Files\\\\AOL Toolbar\\\\toolbar.dll/SEARCH.HTML 
O8 - Extra context menu item: &Download by Orbit - res://C:\\\\Program Files\\\\Orbitdownloader\\\\orbitmxt.dll/201 
O8 - Extra context menu item: &Grab video by Orbit - res://C:\\\\Program Files\\\\Orbitdownloader\\\\orbitmxt.dll/204 
O8 - Extra context menu item: &Windows Live Search - res://C:\\\\Program Files\\\\Windows Live Toolbar\\\\msntb.dll/search.htm 
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...uickadd.aspx 
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\\\\Program Files\\\\Orbitdownloader\\\\orbitmxt.dll/203 
O8 - Extra context menu item: Down&load all by Orbit - res://C:\\\\Program Files\\\\Orbitdownloader\\\\orbitmxt.dll/202 
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\\\\PROGRA~1\\\\MICROS~2\\\\OFFICE11\\\\EXCEL.EXE/3000 
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\\\\bdoscandel.exe (file missing) 
O9 - Extra \\’Tools\\’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\\\\bdoscandel.exe (file missing) 
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\\\\PROGRA~1\\\\MICROS~2\\\\OFFICE11\\\\REFIEBAR.DLL 
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\\\\WINDOWS\\\\system32\\\\Shdocvw.dll 
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\\\\Documents and Settings\\\\Owner\\\\Start Menu\\\\Programs\\\\IMVU\\\\Run IMVU.lnk 
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\\\\PROGRA~1\\\\SPYBOT~1\\\\SDHelper.dll 
O9 - Extra \\’Tools\\’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\\\\PROGRA~1\\\\SPYBOT~1\\\\SDHelper.dll 
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\\\\Network Diagnostic\\\\xpnetdiag.exe (file missing) 
O9 - Extra \\’Tools\\’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\\\\Network Diagnostic\\\\xpnetdiag.exe (file missing) 
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\\\Program Files\\\\Messenger\\\\msmsgs.exe 
O9 - Extra \\’Tools\\’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\\\Program Files\\\\Messenger\\\\msmsgs.exe 
O11 - Options group: [INTERNATIONAL] International* 
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail....MSNPUpld.cab 
O16 - DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} (CMV5 Class) - http://coolsavings.c......cmv5X.cab 
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebo......ader3.cab 
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd......scan8.cab 
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi......135967093 
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.......PkMSN.cab 
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.......WXMSN.cab 
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon......56907.cab 
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.gamehouse......oader.cab 
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\\\\PROGRA~1\\\\WI1F86~1\\\\MESSEN~1\\\\MSGRAP~1.DLL 
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\\\\PROGRA~1\\\\WI1F86~1\\\\MESSEN~1\\\\MSGRAP~1.DLL 
O20 - Winlogon Notify: igfxcui - C:\\\\WINDOWS\\\\SYSTEM32\\\\igfxdev.dll 
O21 - SSODL: wdpoefan - {9A540731-6D8D-4CAC-863C-8364A01F4310} - C:\\\\WINDOWS\\\\wdpoefan.dll 
O21 - SSODL: vadokmxt - {280FDD8E-62A8-473D-8F52-3CEA839484D4} - C:\\\\WINDOWS\\\\vadokmxt.dll 
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\\\\Program Files\\\\Avira\\\\AntiVir PersonalEdition Classic\\\\sched.exe 
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\\\\Program Files\\\\Avira\\\\AntiVir PersonalEdition Classic\\\\avguard.exe 
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\\\\Program Files\\\\Common Files\\\\Apple\\\\Mobile Device Support\\\\bin\\\\AppleMobileDeviceService.exe 
O23 - Service: iPod Service - Apple Inc. - C:\\\\Program Files\\\\iPod\\\\bin\\\\iPodService.exe 
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\\\\Program Files\\\\Common Files\\\\New Boundary\\\\PrismXL\\\\PRISMXL.SYS