Here is my hijackthis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:13:45 AM, on 6/5/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Notebook Hardware Control\nhc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\wuauclt.exe
D:\My download\HiJackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://mshome/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: XAudioService - Unknown owner - C:\WINDOWS\system32\DRIVERS\xaudio.exe (file missing)
--
End of file - 5728 bytes
Here's my startup process list (using hijackthis to generate the log, not sure if it useful here):
Process list saved on 12:12:32 AM, on 6/5/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
[pid] [full path to filename] [file version] [company name]
576 C:\WINDOWS\System32\smss.exe 5.1.2600.5512 Microsoft Corporation
672 C:\WINDOWS\system32\winlogon.exe 5.1.2600.5512 Microsoft Corporation
724 C:\WINDOWS\system32\services.exe 5.1.2600.5512 Microsoft Corporation
736 C:\WINDOWS\system32\lsass.exe 5.1.2600.5512 Microsoft Corporation
908 C:\WINDOWS\system32\Ati2evxx.exe 6.14.10.4163 ATI Technologies Inc.
928 C:\WINDOWS\system32\svchost.exe 5.1.2600.5512 Microsoft Corporation
1064 C:\WINDOWS\System32\svchost.exe 5.1.2600.5512 Microsoft Corporation
1248 C:\WINDOWS\system32\Ati2evxx.exe 6.14.10.4163 ATI Technologies Inc.
1568 C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe 7.1.0.12 Lavasoft
1636 C:\WINDOWS\Explorer.EXE 6.0.2900.5512 Microsoft Corporation
2008 C:\WINDOWS\system32\spoolsv.exe 5.1.2600.5512 Microsoft Corporation
216 C:\WINDOWS\RTHDCPL.EXE 2.0.4.2 Realtek Semiconductor Corp.
296 C:\WINDOWS\system32\rundll32.exe 5.1.2600.5512 Microsoft Corporation
312 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe 8.0.0.0 Adobe Systems Incorporated
328 C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe 6.0.60.2 Sun Microsystems, Inc.
336 C:\Program Files\Notebook Hardware Control\nhc.exe 1.8.9.6 http://www.pbus-167.com
352 C:\PROGRA~1\AVG\AVG8\avgtray.exe 8.0.0.94 AVG Technologies CZ, s.r.o.
460 C:\Program Files\Messenger\msmsgs.exe 4.7.0.3001 Microsoft Corporation
468 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe 1.5.2.16 Safer Networking Limited
480 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE 2.0.0.0 ATI Technologies Inc.
540 C:\WINDOWS\system32\ctfmon.exe 5.1.2600.5512 Microsoft Corporation
1244 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe 2.0.0.0 ATI Technologies Inc.
1548 C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe 8.0.0.100 AVG Technologies CZ, s.r.o.
3236 C:\PROGRA~1\AVG\AVG8\avgrsx.exe 8.0.0.84 AVG Technologies CZ, s.r.o.
172 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 2.0.-14809.1433 Microsoft Corporation
2156 C:\WINDOWS\system32\wuauclt.exe 5.4.3790.5512 Microsoft Corporation
240 D:\My download\HiJackThis\HijackThis.exe 2.0.0.2 Trend Micro Inc.
Please help me take a look! Thank you!