After reading this thread I followed your link to HiJackThis which said to paste the results of the log file here at the forum for you to see...
Okay, well, here it is... too bad there is not an attach feature... Hope you can tell me how to get rid of this search engine: Intelligent Explorer. I suspect I got this when it perfomred one of those dirty tricks by popping up a window when I was in mid click on something else. I am a fast typer so this happens occasionally. I never install this kind of crap. :/
Logfile of HijackThis v1.97.7
Scan saved at 10:36:26 PM, on 2/9/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\gearsec.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WinVNC\RealVNC\WinVNC\WinVNC.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\msbb.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\DownloadWare\dw.exe
C:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Popup Ad Filter\PopFilter.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Macromedia\Flash MX\Flash.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
D:\TO CD BURNER\APPS\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://search.ieplugin.com/search.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://search.ieplugin.com/search.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://search.ieplugin.com/search.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://search.ieplugin.com/search.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://search.ieplugin.com/search.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://search.ieplugin.com/search.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast High-Speed Internet
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://search.ieplugin.com/q.cgi?q=%s R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
http://localhost O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {69135BDE-5FDC-4B61-98AA-82AD2091BCCC} - C:\WINDOWS\systb.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D14641FA-445B-448E-9994-209F7AF15641} - C:\WINDOWS\SYSTEM32\mbho.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe
O4 - HKLM\..\Run: [CTAvTray] C:\Program Files\Creative\SBLive\Program\CTAvtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ThrustTSR] C:\Program Files\ThrustMaster\ThrustMapper\TMTMTSR.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\WinVNC\RealVNC\WinVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [CD Autorun] C:\Program Files\TweakNow PowerPack\CDAuto.exe
O4 - HKLM\..\Run: [RAM Idle Professional] C:\Program Files\TweakNow PowerPack\RAM_XP.exe
O4 - HKLM\..\Run: [CpuIdle] C:\Program Files\CpuIdlePro\cpuidle.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Common Files\CMEII\CMESys.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
O4 - HKLM\..\Run: [msbb] C:\WINDOWS\msbb.exe
O4 - HKLM\..\Run: [MediaLoads Installer] "C:\Program Files\DownloadWare\dw.exe" /H
O4 - HKLM\..\Run: [GNUBIP] C:\WINDOWS\GNUBIP.exe
O4 - HKLM\..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe -CheckReg
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Red Swoosh EDN Client] C:\Program Files\RSNet\RSEDNClient.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Startup: Popup Ad Filter.lnk = C:\Program Files\Popup Ad Filter\PopFilter.exe
O4 - Global Startup: Yahoo! Messenger.lnk = C:\Program Files\Yahoo!\Messenger\YPager.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = D:\Program Files\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: Allow Popups - C:\Program Files\Popup Ad Filter\WhiteGetUrl.js
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: LimeShop Preferences - file://c:\Program Files\topMoxie\TEMP\limeshop_script.htm
O9 - Extra 'Tools' menuitem: IMI (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O9 - Extra button: WeatherBug (HKCU)
O12 - Plugin for .xar: C:\Program Files\Internet Explorer\PLUGINS\NPXaraC.dll
O16 - DPF: JT's Blocks -
http://download.games.yahoo.com/games/clients/y/blt1_x.cab O16 - DPF: Yahoo! Chess -
http://download.games.yahoo.com/games/clients/y/ct0_x.cab O16 - DPF: Yahoo! Dice -
http://download.games.yahoo.com/games/clients/y/dct2_x.cab O16 - DPF: Yahoo! Exploder -
http://download.games.yahoo.com/games/clients/y/vtk_x.cab O16 - DPF: Yahoo! Fleet -
http://download.games.yahoo.com/games/clients/y/fltt1_x.cab O16 - DPF: Yahoo! Graffiti -
http://download.games.yahoo.com/games/clients/y/grt3_x.cab O16 - DPF: Yahoo! Literati -
http://download.games.yahoo.com/games/clients/y/tt0_x.cab O16 - DPF: Yahoo! Pool 2 -
http://download.games.yahoo.com/games/clients/y/potc_x.cab O16 - DPF: Yahoo! Towers 2.0 -
http://download.games.yahoo.com/games/clients/y/ywt0_x.cab O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) -
http://download.macromedia.com/pub/shockwave/cabs/authorware/awswaxf.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exe O16 - DPF: {666DDE35-E955-11D0-A707-000000521958} -
http://69.56.176.227/webplugin.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37877.7632986111 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {FE5D6722-826F-11D5-A24E-0060B0F1A5AE} (Tukati Launcher) -
http://http.gamezone.tukati.com/tukati/1.7.20.20/tukati.cab