help me pleasssssse!!

Discussion in 'Malware Help (A Specialist Will Reply)' started by focky, Feb 11, 2005.

  1. focky

    focky Private E-2

    Hi

    I have just registered with this site as I am having serious problems with my PC. It's riddled with spyware problems and, although I have scanned with Antispyware, Spybot, Spyware Doctor along with AntiVir and Trojan Hunter, every time I reboot they come back... they have affected my file soundmon.exe so no sound is available. It's really doing my head in. It has been like this for about a month and I have a load of essays and research to do for university. I have got a log file from HijackThis which is posted below. Thanks, in advance, for your time:

    C:\WINDOWS\system32\taskman32.exe
    C:\PROGRA~1\Navnt\alertsvc.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\user\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
    F2 - REG:system.ini: Shell=Explorer.exe soundmon.exe
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
    O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn\ycomp5_5_7_0.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn\ycomp5_5_7_0.dll
    O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [winmgr.exe] scvhost.exe
    O4 - HKLM\..\Run: [Task Manager Settings] taskman32.exe
    O4 - HKLM\..\Run: [Syg4t3 P3rs0n4l F1r3w4ll] vc3h0st.exe
    O4 - HKLM\..\Run: [PPL32MGR Service] PPL32MGR.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Microsoft MicroP Protocol] wdgmr32.exe
    O4 - HKLM\..\Run: [regmgr32nt] msbin32.exe
    O4 - HKLM\..\Run: [SoloSentry] C:\PROGRA~1\SRNMIC~1\SOLOSENT.EXE
    O4 - HKLM\..\Run: [SoloSchedule] C:\PROGRA~1\SRNMIC~1\SOLOCFG.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NPS Event Checker] C:\PROGRA~1\Navnt\npscheck.exe
    O4 - HKLM\..\Run: [NAV DefAlert] C:\PROGRA~1\Navnt\defalert.exe
    O4 - HKLM\..\Run: [Windows Compliant] xdonju.exe
    O4 - HKLM\..\Run: [NT Logging Service] syslog32.exe
    O4 - HKLM\..\Run: [.mssecure] C:\WINDOWS\System\mssecure.exe
    O4 - HKLM\..\Run: [d8Lsoj] C:\WINDOWS\uegomg.exe
    O4 - HKLM\..\Run: [NAV Auto Updates] navupdaterx.exe
    O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.1\THGuard.exe"
    O4 - HKLM\..\Run: [iola windows update] iola.exe
    O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
    O4 - HKLM\..\RunServices: [Microsoft SpAr Service] winsbsd32.exe
    O4 - HKLM\..\RunServices: [nvsv32.exe] nvsv32.exe
    O4 - HKLM\..\RunServices: [winmgr.exe] scvhost.exe
    O4 - HKLM\..\RunServices: [[\JL] C:\WINDOWS\System32\gmfyw.exe
    O4 - HKLM\..\RunServices: [Mcafee Auto Protect] mcafeshield.exe
    O4 - HKLM\..\RunServices: [QuicktimeMngr] QuicktimeMngr.exe
    O4 - HKLM\..\RunServices: [Windows Update Auto Update] wuaumgr.exe
    O4 - HKLM\..\RunServices: [Syg4t3 P3rs0n4l F1r3w4ll] vc3h0st.exe
    O4 - HKLM\..\RunServices: [PPL32MGR Service] PPL32MGR.exe
    O4 - HKLM\..\RunServices: [Task Manager Settings] taskman32.exe
    O4 - HKLM\..\RunServices: [Microsoft MicroP Protocol] wdgmr32.exe
    O4 - HKLM\..\RunServices: [regmgr32nt] msbin32.exe
    O4 - HKLM\..\RunServices: [Windows Compliant] xdonju.exe
    O4 - HKLM\..\RunServices: [NAV Auto Updates] navupdaterx.exe
    O4 - HKLM\..\RunServices: [iola windows update] iola.exe
    O4 - HKCU\..\Run: [Mcafee Auto Protect] mcafeshield.exe
    O4 - HKCU\..\Run: [Syg4t3 P3rs0n4l F1r3w4ll] vc3h0st.exe
    O4 - HKCU\..\Run: [Task Manager Settings] taskman32.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Microsoft MicroP Protocol] wdgmr32.exe
    O4 - HKCU\..\Run: [regmgr32nt] msbin32.exe
    O4 - HKCU\..\Run: [Windows Compliant] xdonju.exe
    O4 - HKCU\..\Run: [Seau] C:\Documents and Settings\user\Application Data\paoo.exe
    O4 - HKCU\..\Run: [Qrfjao] C:\WINDOWS\System32\m?hta.exe
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - HKCU\..\Run: [NAV Auto Updates] navupdaterx.exe
    O4 - HKCU\..\RunServices: [regmgr32nt] msbin32.exe
    O4 - Global Startup: DriveSelect.lnk = C:\Program Files\321Studios\Xpress Trial\DriveSelect.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Norton AntiVirus AutoProtect.lnk = C:\Program Files\Navnt\navapw32.exe
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O9 - Extra button: IQ Test - {D9FA68E1-AEE2-48d8-B03D-C37DC602554E} - http://www.personaltest.co.uk (file missing)
    O9 - Extra 'Tools' menuitem: IQ Test... - {D9FA68E1-AEE2-48d8-B03D-C37DC602554E} - http://www.personaltest.co.uk (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=34738&clcid=0x409
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/Shared...vSniff.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/20751e4fa54...xIE601.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar.../cabsa.cab
    O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.vibesman.pwp.blueyonder.co.u...p3_mp3.cab
    O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.blueyonder.co.uk/assets/tool...reQual.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
    O21 - SSODL: mtklef - {11FD4A35-ECC1-4B94-8E93-07AEA87AFD36} - C:\WINDOWS\System32\xcodca32.dll (file missing)
    O23 - Service: AntiVir Update - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
    O23 - Service: EPSON Printer Status Agent2 - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: MySql - Unknown - C:\mysql\bin\mysqld-nt.exe (file missing)
    O23 - Service: NAV Alert - Symantec Corporation - C:\PROGRA~1\Navnt\alertsvc.exe
    O23 - Service: NAV Auto-Protect - Symantec Corporation - C:\PROGRA~1\Navnt\navapsvc.exe
    O23 - Service: Norton Program Scheduler - Symantec Corporation - C:\PROGRA~1\Navnt\npssvc.exe
    O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: ZESOFT - Unknown - C:\WINDOWS\zeta.exe (file missing)
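The log above is the evidence this thread works from, so here is a small triage script (an added example, not HijackThis or MajorGeeks code) that reads the F2 Shell= and O4 Run lines and pulls out the three things a helper looks at first: programs appended to Shell= after Explorer.exe, Run entries that give only a bare file name with no path, and one executable registered under several Run keys. The embedded sample is a subset of lines copied from focky's log.

```python
import re
from collections import defaultdict

# Constructed sample: a subset of lines copied from the HijackThis log above.
SAMPLE_LOG = r"""
F2 - REG:system.ini: Shell=Explorer.exe soundmon.exe
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [winmgr.exe] scvhost.exe
O4 - HKLM\..\Run: [Task Manager Settings] taskman32.exe
O4 - HKLM\..\RunServices: [winmgr.exe] scvhost.exe
O4 - HKLM\..\RunServices: [Task Manager Settings] taskman32.exe
O4 - HKCU\..\Run: [Task Manager Settings] taskman32.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
"""

O4_RE = re.compile(r'^O4 - (HK\w+)\\\.\.\\(\w+): \[([^\]]*)\] (.*)$')
SHELL_RE = re.compile(r'^F2 - REG:system\.ini: Shell=(.*)$')


def executable_of(command):
    """Program part of a Run value: the quoted path, or the first token."""
    if command.startswith('"'):
        return command[1:].split('"')[0]
    return (command.split() or [''])[0]


def triage(log_text):
    """Findings a responder checks first: extra programs hung off Shell=,
    O4 entries with no path, and one executable under several Run keys."""
    shell_extras, unresolved = [], []
    locations = defaultdict(set)
    for line in log_text.strip().splitlines():
        if m := SHELL_RE.match(line):
            # Shell= should be exactly Explorer.exe; extras start with the desktop.
            shell_extras += [t for t in m.group(1).split()
                             if t.lower() != 'explorer.exe']
        elif m := O4_RE.match(line):
            hive, key, name, command = m.groups()
            exe, location = executable_of(command), f'{hive}\\{key}'
            locations[exe.lower()].add(location)
            # A bare file name means HijackThis could not show where the file lives.
            if '\\' not in exe and '/' not in exe:
                unresolved.append((location, name, exe))
    multi = {e: sorted(l) for e, l in locations.items() if len(l) > 1}
    return {'shell_extras': shell_extras, 'unresolved': unresolved,
            'multi_location': multi}


if __name__ == '__main__':
    for section, items in triage(SAMPLE_LOG).items():
        print(f'{section}: {items}')
```

Bare system programs such as RUNDLL32.EXE also land in the unresolved list, so treat it as the set of files whose location must be checked on disk, not as a verdict.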
     
  2. Publius

    Publius Sergeant

    The first thing everyone is asked to do when looking for help here is read through and perform the necessary steps in the following sticky thread. This should take care of a lot of the problems you are having.


    READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

    If you currently have any of the programs that are listed to download, be sure it is the updated version that is offered by this site. These links remain updated, so the updated versions of all of the downloads are available through the links on the thread above.

    Try to make it through all the steps in the tutorial and make notes of the results of each scan. If you have problems with any of the steps in the tutorial, make note of that as well in your next reply. After going through all of that, reply here and describe any symptoms that remain on the machine and you will be advised as to the next step.

    If you are asked to post a HijackThis log (and don't post before you are asked) make sure you read the following thread first.

    NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

    When posting a log, be sure to post it as an attachment, not an in-thread paste. Also, you are running HijackThis from the desktop; make sure it is placed in its own secure folder (e.g. c:\HJT), not in any folder under Documents and Settings (Win2k, WinXP) or a temp folder, and do not run it directly from the downloaded ZIP file.
     