sorry for the delay in my response, i am located in rural australia.
os- win xp pro
p3 800
256mb ram
20gb seagate hdd
here are the results of the hijack this scan. i hope i have done it correctly as i have not used this before.thanks
Logfile of HijackThis v1.98.2
Scan saved at 8:15:20 PM, on 9/16/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\PCI Audio Applications\Bin\EchoCtrl.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\WINBOOT32.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\WINDOWS\SYSTEM32\RAMASST.exe
C:\Program Files\Greetings Workshop\GWREMIND.EXE
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\unzipped\hijackthis\HijackThis.exe
R3 - Default URLSearchHook is missing
O2 - BHO: Clear Search - {00000000-0000-0000-0000-000000000240} - C:\PROGRAM FILES\CLEARSEARCH\IE_CLRSCH.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SearchPRO - {4E7BD74F-2B8D-469E-8EEC-EF64B787BB38} - C:\WINDOWS\DOWNLO~1\SEARCH~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
O3 - Toolbar: EasySearchBar - {86790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB} - C:\PROGRAM FILES\ESB\ESB.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
O3 - Toolbar: SearchPRO - {4E7BD74F-2B8D-469E-8EEC-EF64B787BB38} - C:\WINDOWS\DOWNLO~1\SEARCH~1.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [hpfsched] C:\WINDOWS\hpfsched.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Echo Control] C:\Program Files\PCI Audio Applications\Bin\EchoCtrl.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Reg Services] WINBOOT32.EXE
O4 - HKLM\..\RunServices: [Reg Services] WINBOOT32.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Greetings Workshop Reminders.lnk = C:\Program Files\Greetings Workshop\GWREMIND.EXE
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\SYSTEM32\RAMASST.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\googletoolbar.dll/cmtrans.html
O9 - Extra button: EasySearchBar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRAM FILES\ESB\ESB.DLL
O9 - Extra 'Tools' menuitem: EasySearchBar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRAM FILES\ESB\ESB.DLL
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: cpcScanner -
http://www.crucial.com/controls/cpcScanner.cabO16 - DPF: Win32 Classes -
O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} (Scanner Class) -
http://www.windowsecurity.com/trojanscan/TDECntrl.CABO16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exeO16 - DPF: {4E7BD74F-2B8D-469E-8EEC-EF64B787BB38} (SearchPRO) -
http://www.searchpro.com.au/toolbar/searchpro.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{6B0B68FB-E104-4415-AAF2-CE81ED909AE8}: NameServer = 203.134.64.66 203.134.65.66
O17 - HKLM\System\CS1\Services\Tcpip\..\{6B0B68FB-E104-4415-AAF2-CE81ED909AE8}: NameServer = 203.134.64.66 203.134.65.66