Found a huge bunch of spyware on my sister's computer, ran spybot s&d couldnt fix them, the rest allaboutsearching, locators.com, webalize, casterror and search toolbar I found on the hijackthis log, just wanted to know is it ok to have hijackthis fix it right out? thanks

You should also try adaware first. Install and update it. Then run it and spybot from safemode. Also try THIS . Some of it sounds like CoolWebSearch (which is hard to remove), but I am not positive. If the CoolWWWSearch SmartKiller, adaware and spybot do not work, post your hijack this log here.

Tried, CoolWebSearch not found on computer, also ran adaware and spybot the extra toolbars on IE are gone but ads still popup a lot and there's many processes that were'nt there before, which of these cna i remove? Logfile of HijackThis v1.97.7 Scan saved at 4:35:44 PM, on 5/4/2004 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\spoolsv.exe c:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.exe C:\windows\system\hpsysdrv.exe C:\HP\KBD\KBD.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\System32\hkcmd.exe C:\WINDOWS\System32\S3apphk.exe C:\PROGRA~1\NORTON~1\navapw32.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\docume~1\owner\locals~1\temp\Gtb.exe C:\docume~1\owner\locals~1\temp\lzE.exe C:\Program Files\ICQPlus\vplus.exe C:\Program Files\ICQPlus\vplus.exe C:\Program Files\ICQ\ICQ.exe C:\Program Files\MSN Messenger\MsnMsgr.exe C:\WINDOWS\System32\WeaKjSi.exe C:\WINDOWS\System32\Qdqc4j1R.exe C:\Program Files\Real\RealOne Player\realplay.exe C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe C:\Documents and Settings\Owner\My Documents\K.K\HijackThis.exe C:\Program Files\Internet Explorer\IEXPLORE.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = about:blank R3 - Default URLSearchHook is missing O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5_0_2_6.dll O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-D7E4-F660B597BF2A} - (no file) O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.exe NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [S3apphk] S3apphk.exe O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [NAV Agent] c:\PROGRA~1\NORTON~1\navapw32.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\ICQNet.exe O4 - HKLM\..\Run: [itchsixth] C:\PROGRA~1\4 active dash\Bold Online Inter.exe O4 - HKLM\..\Run: [Gtb.exe] C:\docume~1\owner\locals~1\temp\Gtb.exe O4 - HKLM\..\Run: [lzE.exe] C:\docume~1\owner\locals~1\temp\lzE.exe O4 - HKLM\..\Run: [2P6WFAX43ZHE7C] C:\WINDOWS\System32\GtnSCZ.exe O4 - HKLM\..\Run: [sxepszqz] C:\WINDOWS\sxepszqz.exe O4 - HKLM\..\Run: [qhan] C:\WINDOWS\qhan.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [ICQ Plus] "C:\Program Files\ICQPlus\vplus.exe" O4 - HKCU\..\Run: [cpntmgc] C:\WINDOWS\navpmc\navpmc.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.exe" /background O4 - HKCU\..\Run: [WAPI] C:\WINDOWS\System32\wtssvit.exe O4 - HKCU\..\Run: [ClockSync] C:\PROGRA~1\CLOCKS~1\Sync.exe /q O4 - HKCU\..\RunOnce: [ICQ] C:\Program Files\ICQ\ICQ.exe -trayboot O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.exe O4 - Global Startup: hp center.lnk = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O9 - Extra button: MktBrowser (HKLM) O9 - Extra 'Tools' menuitem: MarketBrowser (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM) O9 - Extra button: ICQ Pro (HKLM) O9 - Extra 'Tools' menuitem: ICQ (HKLM) O9 - Extra button: MoneySide (HKLM) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt0_x.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/drakken/us/win/QuickTimeInstaller.exe O16 - DPF: {4620BC29-8B8E-4F4E-9D92-1DB6633D6793} (SurferNETWORK Plugin) - http://rd1.surfernetwork.com/surferplugin.ocx O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/23e24247138d05037806/netzip/RdxIE601.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37605.5477083333 O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/essentials/ymmapi_0727.dll O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab