Here's another HJT log. I thought I included the header
This has always been v2.0.2, which is the updated version.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:44:18 AM, on 3/17/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [kvz2b13di4s8zox7tc25yawdbsz6sf6xlidyg2jmb8xx] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\s5zq9foxvf0.exe
O4 - HKCU\..\Run: [fp1q4sfugjsn7ggeon6vkv3v7ovravceufaljz15] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\irtg4dg3.exe
O4 - HKCU\..\Run: [mtfogihriine7karwa5nkjzxpvb819h7cbor655my] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\nzx90smxo5m.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [j93dpmjmog64iwq9fpta4n0pemtnm3k06o6xvf1hbdtr] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\niv7qxcg.exe
O4 - HKCU\..\Run: [xxdwzbx7p4e8zjshwfh27kevafa9o2k1gmd7agkq3q8wz8s] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\qlruca.exe
O4 - HKCU\..\Run: [labfgx7fr89tzjbvea9idwun4fac06wmtrg] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\vgjxzy82b4e.exe
O4 - HKCU\..\Run: [mowyjgygae8hygxm8aozismc0jxbfc] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\uxm3hw.exe
O4 - HKCU\..\Run: [k6ktt0bad3vfeqiey0947v0fsmdy5gpcm9je73m9oz8b] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\i2vrm1fa9w79s.exe
O4 - HKCU\..\Run: [zqbz9vh2pdfpgvg3punkl6dmcc7bwxt7n2pw0jpbf] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\jh16khd4y.exe
O4 - HKCU\..\Run: [iirwfa2j1lc2zwl7n6jfxlwqgh0zdfj8l9z3ncpf7tbph6j278] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\yg3aktho.exe
O4 - HKCU\..\Run: [b5imjnq3r7] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\fi3ydh.exe
O4 - HKCU\..\Run: [bmatkdjzhbybj6q3judc3me1dghd4im1op] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\l1h2n3f.exe
O4 - HKCU\..\Run: [ta443esc3njp92hfzjp26en34x4j8fg2z3diga5gmcjgivzl5i] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\etclkpv.exe
O4 - HKCU\..\Run: [jfrzxzqt1713j58] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\qpaor9h8h.exe
O4 - HKCU\..\Run: [g0uhbng3jk] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\bdtrn0of3.exe
O4 - HKCU\..\Run: [px3rig7ip76k44] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\j3ma4e.exe
O4 - HKCU\..\Run: [r967vc3v17x3mfcrf0] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\fgw4p3k0l2g.exe
O4 - HKCU\..\Run: [gp778add2c3r] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\mvmjo4l.exe
O4 - HKCU\..\Run: [qvfauwzzrz0rr73nbitxvrk6j] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\z3oz7odm0og7.exe
O4 - HKCU\..\Run: [mdyn6mwtnawhk7not2vw7gbk06366b3wdbydwu1zq88h4wlbj] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\xmhpszf068.exe
O4 - HKCU\..\Run: [s2cqbro1e8qyeni2p885i8coe23kxzj3ejki1xc29rsar] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\oe6mohdxqrju.exe
O4 - HKCU\..\Run: [mllowwboxmand] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\xn3wour8w0.exe
O4 - HKCU\..\Run: [ydsook0xqgpd3ze40fcsewj] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\pfv4ceg.exe
O4 - HKCU\..\Run: [f69ygohaijn5h8s4rirpfsd3g2] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\ud7yp1n3b9.exe
O4 - HKCU\..\Run: [fll0z7mjr8q14q06ofakka8wu9whntbds8ty] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\frehft.exe
O4 - HKCU\..\Run: [w1kbj78wevdxgitj6sh52ungeo] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\mr7qd0jwr84r.exe
O4 - HKCU\..\Run: [hkiazb7oanic93a51hne0q6e7] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\oaxvbzz.exe
O4 - HKCU\..\Run: [ifuiemoeq4jfi3] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\g1yei7otqj.exe
O4 - HKCU\..\Run: [ql9inexcggywny873ogevkg4xyst4vxohn0zanje] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\bilqn1d4rlx.exe
O4 - HKCU\..\Run: [ki15r62nyzay6uv8n5q8adx1q] C:\DOCUME~1\Yinghz\LOCALS~1\Temp\shoyle3fpia.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
O23 - Service: Task Scheduler (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\services.exe (file missing)
O23 - Service: SNM WLAN Service - Unknown owner - C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
--
End of file - 6981 bytes