Topic: task manager repeatedly locked out ??
freedom07
« on: December 21, 2007, 03:12:29 PM »

I have read through several posts on the task manager being locked out by either viruses or other malware. I followed those procedures already posted. But when I have restarted my system it locks me out again. Also my explorer is rather slow as well. I do not know if they are related or if they are separate issues. I would list all processes as well but I cannot figure out how to copy them to post here as well.

Have AVG free edition
Super antispyware
Lavasoft free home edition
Spybot Search and Destroy
CCleaner
Vundo fix
and the taskmanagerfix

Running XP with SP2

AMD64 3000 1GIG Ram and nvidia 6600

Deerpark
« Reply #1 on: December 21, 2007, 03:40:01 PM »

Welcome to the Computer Hope Forums freedom07. :)

Have you gone through the steps here?
If not I think you should do that first of all. It will help our malware experts to better assist you.

Any sufficiently advanced technology is indistinguishable from magic.
Arthur C. Clarke (1917 - 2008)
freedom07
« Reply #2 on: December 21, 2007, 05:15:58 PM »

Thanks for making me reread that. I had skimmed it before. And I didn't think to save the log reports from before. Again my stupid mistake.  :-\ Using the ESET online scanner now, and will follow it up with the hijack.

Deerpark
« Reply #3 on: December 21, 2007, 05:24:07 PM »

No problem. :)
Just post the logs when you're done and someone will take a look at them as soon as possible.

freedom07
« Reply #4 on: December 21, 2007, 06:33:57 PM »

I double checked the listed procedure and this is the SUPERAntiSpyware log. The second time I ran it, it listed no problems.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/20/2007 at 11:34 PM

Application Version : 3.9.1008

Core Rules Database Version : 3365
Trace Rules Database Version: 1364

Scan type       : Quick Scan
Total Scan Time : 00:21:48

Memory items scanned      : 424
Memory threats detected   : 0
Registry items scanned    : 717
Registry threats detected : 86
File items scanned        : 14792
File threats detected     : 0

Malware.VirusProtectPro

I ran the ESET and it came back with no threats found as well.

When I went to update the Java, I got a Plug-in fatal error:
Several java Machines running in the same process caused an error

What is the next step that I need to take now ??

Broni
« Reply #5 on: December 21, 2007, 07:34:19 PM »

Did you uninstall older versions of Java?

When you go here:
http://javatester.org/version.html
what does it say about your Java?

We need your HijackThis log.

freedom07
« Reply #6 on: December 21, 2007, 10:46:50 PM »

I just installed Java SE Development Kit 6 Update 3 and it told me I already had that, so I reinstalled it.

And this is what the HijackThis log showed me after the Java reinstall.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:37:05 AM, on 12/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
D:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
D:\PROGRA~1\Grisoft\AVG7\avgemc.exe
D:\WINDOWS\system32\lxdjcoms.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\HPZipm12.exe
D:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\VIA\RAID\raid_tool.exe
D:\WINDOWS\CTHELPER.EXE
D:\Program Files\NETGEAR\WG311TSU\Utility\Gear311T.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\PROGRA~1\Grisoft\AVG7\avgcc.exe
D:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
D:\Program Files\STOPzilla!\STOPzilla.exe
D:\WINDOWS\system32\msiexec.exe
D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - D:\Program Files\STOPzilla!\SZSG.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - D:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - D:\Program Files\STOPzilla!\SZIEBHO.dll
O2 - BHO: (no name) - {FDEA2C12-A476-A13C-2B4C-A3BD546315C2} - D:\PROGRA~1\COMMON~1\System\D_4362.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - D:\Program Files\STOPzilla!\SZSG.dll
O4 - HKLM\..\Run: [RaidTool] D:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AS00_Gear311T] D:\Program Files\NETGEAR\WG311TSU\Utility\Gear311T.exe -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [lxdjmon.exe] "D:\Program Files\Lexmark 1400 Series\lxdjmon.exe"
O4 - HKLM\..\Run: [LXDJCATS] rundll32 D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDJtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [YSearchProtection] D:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] D:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: update.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Yahoo! Search - file:///D:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///D:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///D:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///D:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - D:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.augustarealtorsmls.com
O15 - Trusted Zone: www.getoffutt.com
O16 - DPF: {0D9633EB-D799-4626-B34E-FCC17AFA2BCF} (osi_valid.uCltValid10) - http://www.augustarealtorsmls.com/aug/valid/osi_valid9j.ocx
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll

freedom07
« Reply #7 on: December 21, 2007, 10:49:19 PM »

Had to cut the log. Wouldn't let me post it all together. Said it was over the 10000 character limit.

O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158350743234
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O20 - AppInit_DLLs: D:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgwlntf - D:\WINDOWS\
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: GoogleDesktopManager - Google - D:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxdj_device -   - D:\WINDOWS\system32\lxdjcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: QuickBooks Database Manager Service (QBCFMonitorService) -   - D:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - D:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - D:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe

--
End of file - 10545 bytes


freedom07
« Reply #8 on: December 21, 2007, 10:51:42 PM »

Oh, I also got the pink box after I reinstalled the Java 6. When I tried it before the reinstall I didn't get anything in the display box.

Broni
« Reply #9 on: December 22, 2007, 10:02:04 AM »

Firstly, I don't see any firewall running, unless you're using Windows firewall.
Secondly, you're still using an older Java version: jre1.6.0_02. Uninstall all Java instances through Add/Remove. Download the newest version (http://www.java.com/en/download/index.jsp), and install it.

Now...

Disable Spybot TeaTimer:
Right click Spybot's TeaTimer System Tray Icon > click Exit Spybot-S&D Resident.
TeaTimer closes.


1. Print this post out, since you won't have access to it at some point.

2. Close all windows, except for HijackThis.

3. Put a checkmark next to the following HijackThis entries:

- O2 - BHO: (no name) - {FDEA2C12-A476-A13C-2B4C-A3BD546315C2} - D:\PROGRA~1\COMMON~1\System\D_4362.dll

- O4 - Global Startup: update.exe

- O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

- O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

4. Click on "Fix checked" button.

5. Turn off System Restore:

- Windows XP:
   1. Click Start.
   2. Right-click the My Computer icon, and then click Properties.
   3. Click the System Restore tab.
   4. Check "Turn off System Restore".
   5. Click Apply.
   6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
   7. Click OK.
- Windows Vista:
   1. Click Start.
   2. Right-click the Computer icon, and then click Properties.
   3. Click on System Protection under the Tasks column on the left side
   4. Click on Continue on the "User Account Control" window that pops up
   5. Under the System Protection tab, find Available Disks
   6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:")
   7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
   8. Click OK

6. Restart in Normal Mode.

7. Turn System Restore on.

8. Restart TeaTimer:
Using Windows Explorer, navigate to C:\Program Files\Spybot - Search & Destroy.
Double click TeaTimer.exe to start it.

9. Run HijackThis again, and post its log back here.
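
A way to check the "Fix checked" steps above against the HijackThis logs taken before and after, as an added example that is not part of the original thread: a small Python parser for HijackThis result lines that reports whether each targeted entry was removed, left behind as a "(no file)" orphan, or is still present, and lists entries that appear only in the later log. The function names are this example's own; the log excerpts are copied from the posts in this thread.

```python
import re
from dataclasses import dataclass

# HijackThis result lines look like "O2 - BHO: ..." or "R1 - HKCU\...".
# An optional leading "- " lets lines be pasted straight from a helper's checklist.
ENTRY_RE = re.compile(r"^\s*(?:-\s+)?(?P<code>[A-Z]\d{1,2}) - (?P<body>.+?)\s*$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


@dataclass(frozen=True)
class Entry:
    code: str  # section code, e.g. "O2" (BHO), "O4" (autostart), "O7" (policy)
    body: str  # everything after "<code> - "

    @property
    def identity(self):
        """Key that stays stable when only the file path of an entry changes."""
        m = CLSID_RE.search(self.body)
        return (self.code, m.group(0).upper() if m else self.body.lower())

    @property
    def orphaned(self):
        """True when the registry entry survives but its file is gone."""
        return self.body.endswith("(no file)")


def parse_log(text):
    """Return result entries; header and 'Running processes' lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            entries.append(Entry(m.group("code"), m.group("body")))
    return entries


def verify_fix(before, after, targets):
    """Map each targeted line to its status in the later log."""
    before_ids = {e.identity for e in parse_log(before)}
    after_by_id = {e.identity: e for e in parse_log(after)}
    report = {}
    for target in parse_log(targets):
        tid = target.identity
        if tid not in before_ids:
            status = "not in first log"
        elif tid not in after_by_id:
            status = "removed"
        elif after_by_id[tid].orphaned:
            status = "orphaned"      # needs a second "Fix checked" pass
        else:
            status = "still present"  # fix did not hold across the reboot
        report[f"{target.code} - {target.body}"] = status
    return report


def new_entries(before, after):
    """Entries present only in the later log, for manual review."""
    seen = {e.identity for e in parse_log(before)}
    return [e for e in parse_log(after) if e.identity not in seen]


# Excerpts from the logs posted in this thread (Reply #6 and Replies #10/#11).
BEFORE = r"""
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {FDEA2C12-A476-A13C-2B4C-A3BD546315C2} - D:\PROGRA~1\COMMON~1\System\D_4362.dll
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: update.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
"""

AFTER = r"""
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {FDEA2C12-A476-A13C-2B4C-A3BD546315C2} - (no file)
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
"""

# The four entries listed in step 3, pasted with their list dashes.
TARGETS = r"""
- O2 - BHO: (no name) - {FDEA2C12-A476-A13C-2B4C-A3BD546315C2} - D:\PROGRA~1\COMMON~1\System\D_4362.dll
- O4 - Global Startup: update.exe
- O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
- O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
"""

if __name__ == "__main__":
    for line, status in verify_fix(BEFORE, AFTER, TARGETS).items():
        print(f"{status:16} {line}")
    for entry in new_entries(BEFORE, AFTER):
        print(f"{'new in later log':16} {entry.code} - {entry.body}")
```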

freedom07
« Reply #10 on: December 22, 2007, 01:56:44 PM »

I uninstalled the Java, then reinstalled it again and verified it.

And then re-ran HijackThis.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:51:47 PM, on 12/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
D:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
D:\PROGRA~1\Grisoft\AVG7\avgemc.exe
D:\WINDOWS\system32\lxdjcoms.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\HPZipm12.exe
D:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\STOPzilla!\STOPzilla.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\VIA\RAID\raid_tool.exe
D:\WINDOWS\CTHELPER.EXE
D:\Program Files\NETGEAR\WG311TSU\Utility\Gear311T.exe
D:\PROGRA~1\Grisoft\AVG7\avgcc.exe
D:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
D:\WINDOWS\system32\msiexec.exe
D:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - D:\Program Files\STOPzilla!\SZSG.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - D:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - D:\Program Files\STOPzilla!\SZIEBHO.dll
O2 - BHO: (no name) - {FDEA2C12-A476-A13C-2B4C-A3BD546315C2} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - D:\Program Files\STOPzilla!\SZSG.dll
O4 - HKLM\..\Run: [RaidTool] D:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AS00_Gear311T] D:\Program Files\NETGEAR\WG311TSU\Utility\Gear311T.exe -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [lxdjmon.exe] "D:\Program Files\Lexmark 1400 Series\lxdjmon.exe"
O4 - HKLM\..\Run: [LXDJCATS] rundll32 D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDJtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [YSearchProtection] D:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] D:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O8 - Extra context menu item: &Yahoo! Search - file:///D:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///D:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///D:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///D:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - D:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.augustarealtorsmls.com
O15 - Trusted Zone: www.getoffutt.com
O16 - DPF: {0D9633EB-D799-4626-B34E-FCC17AFA2BCF} (osi_valid.uCltValid10) - http://www.augustarealtorsmls.com/aug/valid/osi_valid9j.ocx
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158350743234

freedom07
« Reply #11 on: December 22, 2007, 01:59:46 PM »

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O20 - AppInit_DLLs: D:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgwlntf - D:\WINDOWS\
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: GoogleDesktopManager - Google - D:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxdj_device -   - D:\WINDOWS\system32\lxdjcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: QuickBooks Database Manager Service (QBCFMonitorService) -   - D:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - D:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - D:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe

--
End of file - 10207 bytes


Concerning the firewall, I thought AVG free edition had a firewall with it, and I tried to turn on the Windows firewall, but it wouldn't give me the option to switch it from being turned off.

Again, thank you for all of your assistance with my issues.  ;D
Broni
Mastermind


Thanked: 610
Posts: 28,751

Computer: Specs
Experience: Experienced
OS: Windows Vista


Kraków my love :)

Computer Help Forum
« Reply #12 on: December 22, 2007, 03:25:53 PM »

With your HJT log, we're almost done.
Run it again, and put checkmark next to:
- O2 - BHO: (no name) - {FDEA2C12-A476-A13C-2B4C-A3BD546315C2} - (no file)
Click "Fix checked" button.
Restart computer. Post new HJT log.

No, AVG doesn't provide firewall.

Quote
I tried to turn on the Windows firewall, but it wouldn't give me the option to switch it from being turned off.
What happens? Does it say it's OFF?

freedom07
« Reply #13 on: December 22, 2007, 04:36:06 PM »

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:33:43 PM, on 12/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
D:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
D:\PROGRA~1\Grisoft\AVG7\avgemc.exe
D:\WINDOWS\system32\lxdjcoms.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\HPZipm12.exe
D:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\VIA\RAID\raid_tool.exe
D:\WINDOWS\CTHELPER.EXE
D:\Program Files\NETGEAR\WG311TSU\Utility\Gear311T.exe
D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
D:\PROGRA~1\Grisoft\AVG7\avgcc.exe
D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\STOPzilla!\STOPzilla.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - D:\Program Files\STOPzilla!\SZSG.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - D:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - D:\Program Files\STOPzilla!\SZIEBHO.dll
O2 - BHO: (no name) - {FDEA2C12-A476-A13C-2B4C-A3BD546315C2} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - D:\Program Files\STOPzilla!\SZSG.dll
O4 - HKLM\..\Run: [RaidTool] D:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AS00_Gear311T] D:\Program Files\NETGEAR\WG311TSU\Utility\Gear311T.exe -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [lxdjmon.exe] "D:\Program Files\Lexmark 1400 Series\lxdjmon.exe"
O4 - HKLM\..\Run: [LXDJCATS] rundll32 D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDJtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [YSearchProtection] D:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] D:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O8 - Extra context menu item: &Yahoo! Search - file:///D:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///D:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///D:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///D:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - D:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.augustarealtorsmls.com
O15 - Trusted Zone: www.getoffutt.com
O16 - DPF: {0D9633EB-D799-4626-B34E-FCC17AFA2BCF} (osi_valid.uCltValid10) - http://www.augustarealtorsmls.com/aug/valid/osi_valid9j.ocx
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158350743234
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Plug-in 1.6.0_02) -
O20 - AppInit_DLLs: D:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgwlntf - D:\WINDOWS\
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. -

freedom07
« Reply #14 on: December 22, 2007, 04:39:59 PM »

D:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: GoogleDesktopManager - Google - D:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxdj_device -   - D:\WINDOWS\system32\lxdjcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: QuickBooks Database Manager Service (QBCFMonitorService) -   - D:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - D:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - D:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe

--
End of file - 10419 bytes




When I tried to turn on the firewall, the on and off buttons were faded back like a shadow, kind of like the thing where unless you click on I Agree to the terms of whatever. Then once you click yes you can activate it or move on. Hope that makes sense.  ???

Broni
« Reply #15 on: December 22, 2007, 06:40:22 PM »

We still were not able to remove:
- O2 - BHO: (no name) - {FDEA2C12-A476-A13C-2B4C-A3BD546315C2} - (no file)
That's most likely because your Spybot TeaTimer is running.
To temporarily disable it:
Right click Spybot's TeaTimer System Tray Icon > click Exit Spybot-S&D Resident.
TeaTimer closes.

Open HJT, and put checkmark next to:
- O2 - BHO: (no name) - {FDEA2C12-A476-A13C-2B4C-A3BD546315C2} - (no file)
Click on "Fix checked" button.
Close HJT.

Re-enable TeaTimer:
Using Windows Explorer, navigate to C:\Program Files\Spybot - Search & Destroy.
Double click TeaTimer.exe to start it.

Restart computer.
Open HJT. You don't have to post any new log. Just let me know, if:
O2 - BHO: (no name) - {FDEA2C12-A476-A13C-2B4C-A3BD546315C2} - (no file)
entry is gone.
IP logged
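The check this reply asks for (is the orphaned O2 entry still listed after the fix and restart?), as an added example that is not part of the original post: a Python sketch that parses HijackThis result lines, picks out entries reported as `(no file)`, and lists the ones that survive into a later scan. The function names are hypothetical; the first two sample logs reuse lines from this thread and the third is constructed.

```python
import re

# HijackThis result lines look like "O2 - BHO: name - {CLSID} - path".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Excerpts built from lines posted in this thread (scan before the first fix,
# and the scan posted after it, where the entry had come back).
SCAN_FIRST = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
D:\WINDOWS\Explorer.EXE
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {FDEA2C12-A476-A13C-2B4C-A3BD546315C2} - (no file)
O4 - HKLM\..\Run: [RaidTool] D:\Program Files\VIA\RAID\raid_tool.exe
"""
SCAN_SECOND = SCAN_FIRST
# Constructed: what a scan looks like once the fix has held.
SCAN_THIRD = r"""Logfile of Trend Micro HijackThis v2.0.2
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [RaidTool] D:\Program Files\VIA\RAID\raid_tool.exe
"""

def parse_entries(log_text):
    """Return [(section_code, rest_of_line)] for each result line; the log
    header and the process list do not match the pattern and are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2).strip()))
    return entries

def entry_key(entry):
    """Identify an entry by section and CLSID, or by full text if it has none."""
    code, text = entry
    m = CLSID_RE.search(text)
    return (code, m.group(0).upper() if m else text)

def orphaned(entries):
    """Entries whose registered file is reported as '(no file)'."""
    return [e for e in entries if e[1].endswith("(no file)")]

def still_present(before_log, after_log):
    """Orphaned entries from the earlier scan that are listed again later."""
    after_keys = {entry_key(e) for e in parse_entries(after_log)}
    return [e for e in orphaned(parse_entries(before_log))
            if entry_key(e) in after_keys]

if __name__ == "__main__":
    print("after first fix:", still_present(SCAN_FIRST, SCAN_SECOND))
    print("after fix with TeaTimer closed:", still_present(SCAN_FIRST, SCAN_THIRD))
```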

Broni
« Reply #16 on: December 22, 2007, 06:41:02 PM »

As for Windows firewall....does it say, it's ON, or OFF?

freedom07
« Reply #17 on: December 22, 2007, 07:58:19 PM »

It is gone now.

And the firewall is off and it appears I cannot turn it back on.

Broni
« Reply #18 on: December 22, 2007, 08:37:47 PM »

Quote
it is gone now.
Cool...

How is your Task Manager doing now?

Download, and install free Comodo firewall: http://www.personalfirewall.comodo.com/

I'll investigate your Windows firewall further, but I want you to be safe, and Comodo firewall is much better, anyway.

Broni
« Reply #19 on: December 22, 2007, 08:53:14 PM »

As for your Windows firewall...
Go Start>Run, type in:
services.msc
Hit Enter.
Find the Windows Firewall entry, and tell me what it says under the Status and Startup type columns.
Don't change anything.

freedom07
« Reply #20 on: December 24, 2007, 12:01:17 PM »

Under Status it says Started.

Under Startup it says Automatic.

And I didn't change anything :)

Broni
« Reply #21 on: December 24, 2007, 01:14:03 PM »

Go Start>Run, type in:
regedit
Hit Enter.
Navigate to:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\
If you have a folder:
WindowsFirewall
right click on it, and click Export. Save it to known location.
Right click again, click Delete.
Close regedit.
Restart Windows. Check if firewall options are still greyed out.

How about your Task Manager?
IP logged
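A way to review the exported key before it is deleted, as an added example that is not part of the original post: a Python sketch that reads the text of a regedit export and reports which firewall profiles a policy value switches off. The thread never shows the key's contents, so the sample export is constructed, and the `DomainProfile`/`StandardProfile` subkeys and the `EnableFirewall` value are assumptions taken from the standard Windows Firewall policy layout; the function names are hypothetical.

```python
import re

POLICY_ROOT = r"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall"

# Constructed sample of what regedit's Export could write for this key.
# Subkeys and values are assumptions; the thread does not list them.
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall"=dword:00000000
"DoNotAllowExceptions"=dword:00000000
"""

KEY_RE = re.compile(r"^\[(.+)\]$")
VALUE_RE = re.compile(r'^"([^"]+)"=(.*)$')

def parse_reg(text):
    """Map each key path in a .reg export to its {value_name: value} dict."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            current = keys.setdefault(m.group(1), {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            name, data = m.groups()
            if data.startswith("dword:"):
                data = int(data[6:], 16)   # DWORDs are written as 8 hex digits
            else:
                data = data.strip('"')     # plain string value
            current[name] = data
    return keys

def firewall_disabled_by_policy(keys):
    """Profile subkeys of the policy key whose EnableFirewall value is 0."""
    prefix = POLICY_ROOT.upper() + "\\"
    hits = [path.rsplit("\\", 1)[1] for path, values in keys.items()
            if path.upper().startswith(prefix)
            and values.get("EnableFirewall") == 0]
    return sorted(hits)

def load_export(path):
    """Read a file saved by regedit's Export (version 5.00 files are UTF-16)."""
    with open(path, encoding="utf-16") as fh:
        return fh.read()

if __name__ == "__main__":
    print(firewall_disabled_by_policy(parse_reg(SAMPLE_EXPORT)))
```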

freedom07
« Reply #22 on: December 25, 2007, 10:48:00 PM »

After deleting that registry key the Windows firewall is no longer greyed out, and it was on when I pulled it up as well. Thanks for all of your help with this problem I had. Is there anything else I need to do at this point?  :)

Broni
« Reply #23 on: December 26, 2007, 05:35:47 PM »

Good going 8) 8) 8)

Quote
it was on when I pulled it up as well
You turned it off? Did you install Comodo?

Is your Task Manager working OK?

freedom07
« Reply #24 on: December 27, 2007, 08:13:11 AM »

Task manager is no longer a problem  ;D

And thanks again for all of your help. Not sure how much it would have cost me, and to be without my computer for a week or so, if I would have taken it to a shop to fix.

And thanks for helping me straighten out the firewall as well  ;D

If I could buy ya a six pack I would   :)

Broni
« Reply #25 on: December 27, 2007, 07:14:59 PM »

You're very welcome, but I'm still not clear about your firewall situation.
Do you have Windows firewall turned off, and Comodo running?

freedom07
« Reply #26 on: December 28, 2007, 03:41:42 AM »

Sorry if I was not clear before, but I have them both on now: Windows and Comodo.

Broni
« Reply #27 on: December 28, 2007, 07:52:55 PM »

Not good. It calls for some conflict.
Turn Windows firewall off.

freedom07
« Reply #28 on: December 29, 2007, 07:48:02 AM »

OK, will do that. Is there anything else I should do?

Broni
« Reply #29 on: December 29, 2007, 10:09:02 AM »

That should do it.