Browser Hijack - Log contained within

Howdy folks. I am hoping that I can get a little help with ridding myself of this annoying, but seemingly otherwise harmless little pest. I have run AdAware and CWShredder both updated to the latest versions to no avail. I have played with HiJack this, but don't really understand what I am looking at. After a few time deleting things that didn't look right, I have relaized I need to swallow the pride and ask for help, lol.

I've tried usign HiJackThis to delete the offending files and soem other suspicious looking ones, but it keeps coming back. I must be missing one or Not doing something else required. Might have something to do with svchost.exe.


Logfile of HijackThis v1.97.7
Scan saved at 2:34:59 PM, on 6/7/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\ati2evxx.exe
C:\Program Files\mindSHIFT\OLRegCap.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\HPConfig.exe
C:\PROGRA~1\Iomega\System32\ActivityDisk.exe
C:\Program Files\mindSHIFT\OLlaunch.exe
C:\WINNT\System32\mnmsrvc.exe
C:\OfficeScan NT\ntrtscan.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\snmp.exe
C:\OfficeScan NT\tmlisten.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\ZipToA.exe
C:\OfficeScan NT\ofcdog.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINNT\system32\Atiptaxx.exe
C:\WINNT\System32\qttask.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Cisco Systems\Aironet Client Monitor\ACUMon.Exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINNT\wt\updater\wcmdmgr.exe
C:\OFFICESCAN NT\pccntmon.exe
C:\Program Files\Iomega\AutoDisk\AD2KClient.exe
C:\winnt\dllhelp.exe
C:\Program Files\Intuit\QuickBooks Pro\Components\QBAgent\qbdagent2001.exe
C:\Program Files\Intuit\QuickBooks Pro\2002\Components\QBAgent\qbdagent2002.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\mindSHIFT\OLSysTray.exe
C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
C:\Program Files\Common Files\System\MAPI\1033\nt\MAPISP32.EXE
C:\Program Files\AIM95\aim.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\My Download Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = URL
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = URL
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = URL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = URL
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = URL
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\WINNT\System32\qttask.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [CreateCD50] "C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [ACUMon] "C:\Program Files\Cisco Systems\Aironet Client Monitor\ACUMon.Exe" -a
O4 - HKLM\..\Run: [wcmdmgr] C:\WINNT\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\OFFICESCAN NT\pccntmon.exe"
O4 - HKCU\..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe /background
O4 - HKCU\..\Run: [Iomega Active Disk] C:\Program Files\Iomega\AutoDisk\AD2KClient.exe
O4 - HKCU\..\Run: [dllhelp] c:\winnt\dllhelp.exe
O4 - Startup: mindSHIFT TaskBar Icon.LNK = C:\Program Files\mindSHIFT\OLSysTray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: QuickBooks 2001 Delivery Agent.lnk = C:\Program Files\Intuit\QuickBooks Pro\Components\QBAgent\qbdagent2001.exe
O4 - Global Startup: QuickBooks 2002 Delivery Agent.lnk = C:\Program Files\Intuit\QuickBooks Pro\2002\Components\QBAgent\qbdagent2002.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: Add to filterlist (WebWasher) - URL
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll

Here is how to read the hijackthis logfile .
Compare it with yours .
http://homepage.ntlworld.com/dvk01uk/tutorial.htm
http://www.spywareinfo.com/~merijn/htlogtutorial.html
http://www.help2go.com/article153.html
http://hjt.wizardsofwebsites.com/
http://www.spywareinfo.com/bhos/
http://www.spychecker.com/program/bholist.html
http://www.spywareinfo.com/~merijn/htlogtutorial.html#r
http://www.computercops.biz/postt6393.html
http://www.google.com/search?q=spyware+list
Beginners Guides: Browser Hijacking & How to Stop It
http://www.pcstats.com/articleview.cfm?articleID=1579