yes another hijack this

That's true! There are 3 others check to ignore also (for a total of 4). You should look set all of the Ignore Products to unchecked when you install SpyBot S&D (unless you know there are certain ones you want to ignore but I think that is unlikely).

jarcher, uncheck those items especially new.net and scan again. See if it helps. Also make sure you have the latest detection definitions. Also try the new Ad-aware SE.
I would run both Ad-aware SE and SpyBot after booting in safe mode.

And go thru the HJT tutorial again because you are not following directions.
1) No one asked for a log.
2) You HJT is out of date
3) you are running it from a ZIP file and a temp directory (BAD BAD BAD idea).

Also post your whole log next time (when we ask). We need to see what's in it. Looks like you edited yours. Don't do that. The tutorial told you to shutdown un-necessary processes (like printer control stuff, browser windows, things shown in your system tray) it did not say edit your log. If you did not edit the log, I apologize but I have never seen a log that would only have those lines and no others.

By the way part of your problem is:
O18 - Protocol: start - {53B95211-7D77-11D2-9F81-00104B107C96} - C:\WINDOWS\System32\msxmlfilt.dll

This is a CWS hijacker. Perhaps you need to go back and follow the stuff here again: http://forums.majorgeeks.com/showthread.php?t=35407

This last link is always to be followed be for considering HJT.

 

Why not? Give more details? Where are you downloading it from?

 

If you follow directions and the info in this link: http://forums.majorgeeks.com/showthread.php?t=35407
given awhile ago, you would have already downloaded the correct version of HijackThis. Forget doing the update that way. I'll save you the trouble of reading again, just go here and download the proper version: http://www.majorgeeks.com/download3155.html

 

There are many items classified as CWS that CWShredder will not fix (don't say cws - cws is the hijacker). CWShredder is a tool used to fix many of the CWS hijacks.

 

Make sure you extract it from the ZIP file into its own directory. Good examples:
c:\Program Files\HJT
c:\SpywareTools\HJT

That means you would have a file called hijackthis.exe in which ever directory you put it in.

 

Make sure you update Ad-aware SE after installing it. Then run a scan with it and fix anything it finds. Now exit all applications (especially browser sessions like Internet Explorer) and run HijackThis. Save the log to a .txt file and post it back here as an attachment.

 

HJT does not find things! We have to find them. HJT just gives you a listing of running processes and a variety of key registry values without any information relating to whether they are good or bad. That is why it is for experts to use and decipher.

So is everything working okay or what?

Did you ever fix the ignore product stuff I told you in my first message with SpyBot S&D and do a new scan? And do it after booting in safe mode? You should also run Ad-aware SE in safe mode one more time.

 

Well that rather a small log isn't it? The only thing I would guess is that all the changes that were made due to your installing WinXP SP2 have made a big change in what HJT normally would pickup from the registry. Was this a log from safe mode or normal mode?

 

That is the worlds smallest Hijack This log, I will give you that.