I have something on my system that I just cant get rid of. I did as Adii suggested and downloaded HijackTHis and ran it. What next?

Run the application then post in this thread the results. Others will look at it and make suggestions for a possible fix.

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:51:28 PM, on 4/30/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\common files\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\WINDOWS\wanmpsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\Nikon\NkView6\NkvMon.exe C:\Program Files\WinZip\WZQKPICK.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\ntvdm.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\system32\ntvdm.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.exe O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2 O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware Reboot] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [50e25d10] rundll32.exe "C:\WINDOWS\system32\wkghlyos.dll",b O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.exe C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [BM53d16e8c] Rundll32.exe "C:\WINDOWS\system32\msmmrvuf.dll",s O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck O4 - HKLM\..\RunOnce: [SpybotDeletingA5616] command /c del "C:\WINDOWS\system32\drivers\core.cache.dsk" O4 - HKLM\..\RunOnce: [SpybotDeletingC4766] cmd /c del "C:\WINDOWS\system32\drivers\core.cache.dsk" O4 - HKLM\..\RunOnce: [SpybotDeletingA77] command /c del "C:\WINDOWS\system32\efcCstRH.dll" O4 - HKLM\..\RunOnce: [SpybotDeletingC4837] cmd /c del "C:\WINDOWS\system32\efcCstRH.dll" O4 - HKLM\..\RunOnce: [SpybotDeletingA1101] command /c del "C:\WINDOWS\system32\efnyinvh.dll_old" O4 - HKLM\..\RunOnce: [SpybotDeletingC5300] cmd /c del "C:\WINDOWS\system32\efnyinvh.dll_old" O4 - HKLM\..\RunOnce: [SpybotDeletingA9539] command /c del "C:\WINDOWS\system32\fnvrexia.dll_old" O4 - HKLM\..\RunOnce: [SpybotDeletingC1131] cmd /c del "C:\WINDOWS\system32\fnvrexia.dll_old" O4 - HKLM\..\RunOnce: [SpybotDeletingA5256] command /c del "C:\WINDOWS\system32\fyadykhh.dll_old" O4 - HKLM\..\RunOnce: [SpybotDeletingC7476] cmd /c del "C:\WINDOWS\system32\fyadykhh.dll_old" O4 - HKLM\..\RunOnce: [SpybotDeletingA5665] command /c del "C:\WINDOWS\system32\msmmrvuf.dll_old" O4 - HKLM\..\RunOnce: [SpybotDeletingC7076] cmd /c del "C:\WINDOWS\system32\msmmrvuf.dll_old" O4 - HKLM\..\RunOnce: [SpybotDeletingA8299] command /c del "C:\WINDOWS\system32\nurutmkw.dll_old" O4 - HKLM\..\RunOnce: [SpybotDeletingC5824] cmd /c del "C:\WINDOWS\system32\nurutmkw.dll_old" O4 - HKLM\..\RunOnce: [SpybotDeletingA7873] command /c del "C:\WINDOWS\system32\ssqRKbYq.dll_old" O4 - HKLM\..\RunOnce: [SpybotDeletingC8077] cmd /c del "C:\WINDOWS\system32\ssqRKbYq.dll_old" O4 - HKLM\..\RunOnce: [SpybotDeletingA5855] command /c del "C:\WINDOWS\system32\wkghlyos.dll_old" O4 - HKLM\..\RunOnce: [SpybotDeletingC7694] cmd /c del "C:\WINDOWS\system32\wkghlyos.dll_old" O4 - HKLM\..\RunOnce: [SpybotDeletingA415] command /c del "C:\WINDOWS\system32\ytypwygp.dll_old" O4 - HKLM\..\RunOnce: [SpybotDeletingC1455] cmd /c del "C:\WINDOWS\system32\ytypwygp.dll_old" O4 - HKCU\..\Run: [WintelUpdate] C:\DOCUME~1\Owner\LOCALS~1\Temp\2D8C.tmp.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-18\..\Run: [Symantec Network Driver Update Warning] C:\PROGRA~1\Symantec\LIVEUP~1\SNDWarn.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Symantec Network Driver Update Warning] C:\PROGRA~1\Symantec\LIVEUP~1\SNDWarn.exe (User 'Default user') O4 - .DEFAULT User Startup: AutoPlay.exe (User 'Default user') O4 - Global Startup: hp center UI.lnk = C:\Program Files\hp center\137903\Shadow\ShadowBar.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/c... O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} (Disney Online Games ActiveX Control) - http://disney.go.com/pirates/online... O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartAc... O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySp... O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/re... O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic... O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://atv.disney.go.com/global/dow... O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Program Files\Acadm 6\InstBanr.ocx O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramewo... O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712... O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file://C:\Program Files\Acadm 6\InstFred.ocx O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712... O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program Files\Acadm 6\AcPreview.ocx O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

It looks like you ran SpyBot on there and it's set to delete some stuff on a reboot: O4 - HKLM\..\RunOnce: [SpybotDeletingC5300] cmd /c del "C:\WINDOWS\system32\efnyinvh.dll_old" You want to get rid of this entry here: O4 - HKCU\..\Run: [WintelUpdate] C:\DOCUME~1\Owner\LOCALS~1\Temp\2D8C.tmp.exe Might not be a bad idea to download and run Ccleaner (google it) to clean the temp files and folders on that PC. www.computerselfdefense.com