compared to this problem suicie is looking pretty good

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by mattaguilar, Dec 23, 2004.

  1. mattaguilar

    mattaguilar Private E-2

    I have done all the steps mentioned above and still have the Zworm, I think. Here is my HJT log; please tell me what to do before I pull an Office Space on this thing.

    Logfile of HijackThis v1.99.0
    Scan saved at 7:26:24 PM, on 12/23/2004
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
    C:\WINDOWS\system32\msjenh.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\m?iexec.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\Documents and Settings\Adam Aguilar\Application Data\eetu.exe
    C:\Program Files\hijack this\HijackThis.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
    O2 - BHO: (no name) - SOFTWARE - (no file)
    O2 - BHO: NavErrRedir Class - {0199DF25-9820-4bd5-9FEE-5A765AB4371E} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\DOCUME~1\ADAMAG~1\Desktop\COMPUT~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {F8BACD4B-558B-5B2E-DB38-0FC53E7940E4} - C:\WINDOWS\system32\gkfpj.dll
    O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
    O4 - HKLM\..\Run: [anwFdX] C:\documents and settings\adam aguilar\local settings\temp\anwFdX.exe
    O4 - HKLM\..\Run: [mFEUq] C:\documents and settings\adam aguilar\local settings\temp\mFEUq.exe
    O4 - HKLM\..\Run: [QYoZiP] C:\documents and settings\adam aguilar\local settings\temp\QYoZiP.exe
    O4 - HKLM\..\Run: [8n4v] C:\documents and settings\adam aguilar\local settings\temp\8n4v.exe
    O4 - HKLM\..\Run: [QbHyptvS6] C:\documents and settings\adam aguilar\local settings\temp\QbHyptvS6.exe
    O4 - HKLM\..\Run: [A70F6A1D-0195-42a2-934C-D8AC0F7C08EB] rundll32.exe E6F1873B.DLL,D9EBC318C
    O4 - HKLM\..\Run: [98D0CE0C16B1] rundll32.exe D0CE0C16B1,D0CE0C16B1
    O4 - HKLM\..\Run: [RUVrv4Bga] C:\documents and settings\adam aguilar\local settings\temp\RUVrv4Bga.exe
    O4 - HKLM\..\Run: [LJ87FMZk] C:\documents and settings\adam aguilar\local settings\temp\LJ87FMZk.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
    O4 - HKLM\..\Run: [Lexmark X83 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [H0u2RiepR] msjenh.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Qqle] C:\WINDOWS\system32\m?iexec.exe
    O4 - HKCU\..\Run: [Aida] C:\Documents and Settings\Adam Aguilar\Application Data\eetu.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} (Scanner Class) - http://www.windowsecurity.com/trojanscan/TDECntrl.CAB
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab27513.cab
    O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    Any help would be great.
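As an added example, not part of the thread and not code from the HijackThis project, here is a small Python triage script for logs in this format. It parses the O2 (BHO) and O4 (Run key) lines and applies the checks a log helper would apply by eye: autoruns launched from a temp directory or from Application Data, rundll32 loading a DLL by bare name, a `?` printed where a lookalike character sits in a path, and BHO registrations that are orphaned or unnamed. The sample lines are copied from the log above (a constructed subset); the function names and the heuristics are my own, and every hit is a prompt for review rather than a verdict.

```python
"""Triage a HijackThis-style log: flag O4 autorun and O2 BHO entries that need
a second look. These are review prompts based on where and how things load,
not verdicts; legitimate software can trip the bare-filename rule too."""
import re
from typing import List, Tuple

# Constructed sample: a subset of the O2/O4 lines from the log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: NavErrRedir Class - {0199DF25-9820-4bd5-9FEE-5A765AB4371E} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {F8BACD4B-558B-5B2E-DB38-0FC53E7940E4} - C:\WINDOWS\system32\gkfpj.dll
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [anwFdX] C:\documents and settings\adam aguilar\local settings\temp\anwFdX.exe
O4 - HKLM\..\Run: [A70F6A1D-0195-42a2-934C-D8AC0F7C08EB] rundll32.exe E6F1873B.DLL,D9EBC318C
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [H0u2RiepR] msjenh.exe
O4 - HKCU\..\Run: [Qqle] C:\WINDOWS\system32\m?iexec.exe
O4 - HKCU\..\Run: [Aida] C:\Documents and Settings\Adam Aguilar\Application Data\eetu.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
"""

ENTRY_RE = re.compile(r"^(?P<code>O\d+) - (?P<body>.+)$")
O4_RE = re.compile(r"^(?P<hive>HKLM|HKCU)\\\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# Program part of an unquoted command: everything up to the first .exe/.dll/.com.
PROG_RE = re.compile(r"(?i)(.+?\.(?:exe|dll|com))(?:\s|$)")


def parse_entries(text: str) -> List[Tuple[str, str]]:
    """Yield (section code, body) for every 'Oxx - ...' line in the log."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group("code"), m.group("body")))
    return entries


def program_path(cmd: str) -> str:
    """Return the program part of a Run command (quoted path, or up to the first .exe)."""
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    m = PROG_RE.match(cmd)
    return m.group(1) if m else cmd.split(None, 1)[0]


def triage_o4(body: str) -> Tuple[str, List[str]]:
    """Return (Run value name, reasons) for one O4 entry; empty reasons means no finding."""
    m = O4_RE.match(body)
    if not m:
        return (body, ["unparsed O4 entry"])
    name, cmd = m.group("name"), m.group("cmd")
    prog = program_path(cmd)
    low = cmd.lower()
    reasons = []
    if "\\temp\\" in low:
        reasons.append("autorun from a temp directory")
    if "\\application data\\" in low and prog.lower().endswith(".exe"):
        reasons.append("executable launched from Application Data")
    if "?" in cmd:
        reasons.append("non-ASCII character printed as '?' in path (lookalike of a system binary)")
    if prog.lower().endswith("rundll32.exe"):
        rest = cmd[low.find("rundll32.exe") + len("rundll32.exe"):].strip()
        dll = rest.split(",", 1)[0].strip().strip('"')
        if dll and "\\" not in dll:
            reasons.append("rundll32 loads a DLL by bare name: " + dll)
    elif prog.lower().endswith(".exe") and "\\" not in prog:
        reasons.append("bare filename, resolved by PATH search (verify which file actually runs)")
    return (name, reasons)


def triage_o2(body: str) -> Tuple[str, List[str]]:
    """Return (BHO display name, reasons) for one O2 entry."""
    label = body[len("BHO: "):].split(" - ", 1)[0] if body.startswith("BHO: ") else body
    low = body.lower()
    reasons = []
    if low.endswith("(no file)") or low.endswith("(file missing)"):
        reasons.append("orphaned BHO registration: no backing file on disk")
    if label == "(no name)" and not reasons:
        reasons.append("unnamed BHO: verify the DLL's origin before trusting it")
    return (label, reasons)


def triage(text: str) -> List[Tuple[str, str, List[str]]]:
    """Run the O2/O4 checks over a whole log and return (code, label, reasons) per hit."""
    hits = []
    for code, body in parse_entries(text):
        if code == "O4":
            label, reasons = triage_o4(body)
        elif code == "O2":
            label, reasons = triage_o2(body)
        else:
            continue
        if reasons:
            hits.append((code, label, reasons))
    return hits


if __name__ == "__main__":
    for code, label, reasons in triage(SAMPLE_LOG):
        print("%s [%s]: %s" % (code, label, "; ".join(reasons)))
```

On the sample above the script flags the five temp/Application Data/rundll32/bare-name/`?` autoruns and the three BHO lines, and leaves PrinTray, NvCplDaemon, MSMSGS and the Acrobat helper alone; the rules are deliberately about load location and load mechanism rather than file names, since the random names in this log are exactly what a name-based list would miss.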
     
  2. tagged

    tagged Private E-2

    Hi mattaguilar!

    I wanted to respond to you, because I know that sometimes it seems like forever waiting on help, but it's worth the wait. I just got all my malware problems fixed here. I'm not one of the good guys that will fix yours, but they'll get to you!

    Hey, much catchier thread title than the first one! You did a better job of reading the 'read me first before asking for help' than the last time too! You've got your HJT installed in your Program Files where it ought to be instead of running it straight off your desktop like you did before. Like you probably read in the other threads since then, that's pretty important, because now the things you fix with HJT will be backed up, so if you make a mistake, it doesn't have to be permanent. You also had your Internet Explorer running the first time, which you're not supposed to do, but this time you had it closed. But you still posted your HJT file in-line instead of using the 'Manage Attachments' button (located below the thread reply box) to attach your log as a .txt or .log attachment. The good guys here want them posted like that so they can manage them easier when they're sorting out your log.

    Now you should read the 'No HJT logs until you read this' sticky. The on-line analysers listed at the end do a pretty good job of weeding out the obvious stuff, and it'll give you something to do that's fairly productive and satisfying while you wait for one of the experts to give you a hand!

    Trust me, it's worth the wait.

    Good luck!

    P.S. -you missed the D in your thread title. ;)
     
