#1
Help removing items from 'Hijackthis' list
I am trying to stop an endless stream of popups from opening on my roommate's computer, running Windows XP. I have tried Symantec AntiVirus, SpyBot Search & Destroy, Microsoft AntiSpyware, and Ad-aware 6.0 (all the most current/updated versions), to no avail. There are still popups that open every time the Internet Explorer is opened and while it is online.
Now I am trying to use Hijackthis; below is the most recent log file I saved from it. If anyone can help, please let me know if I can safely remove any of these files listed below. Thank you!
JR

Logfile of HijackThis v1.99.1
Scan saved at 8:38:29 PM, on 6/22/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ActivCard\acautoreg.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Dell\QuickSet\QuickSet.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\ActivCard\ActivCard Gold\agquickp.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\USB Flash Disk Utility\UFD Utility\UFDMon.exe
C:\Program Files\USB Flash Disk Utility\UFD Utility\USBTD.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\windows\system32\xbxizbe.exe
D:\Program Files\D-Tools\daemon.exe
C:\windows\system32\calc.exe
C:\Program Files\rfbtny8k\rfbtny8k.exe
C:\Program Files\Netscape\Communicator\Program\AIM\aim.exe
C:\WINDOWS\system32\w?crtupd.exe
C:\Documents and Settings\x77848\Application Data\arnt.exe
C:\PROGRA~1\COMMON~1\rmmo\rmmom.exe
C:\Program Files\Dell\Bluetooth Software\BTTray.exe
D:\CCAAgent.exe
C:\Program Files\Cranite\Client\clientUI.exe
C:\WINDOWS\DvzCommon\DvzMsgr.exe
C:\Program Files\Network Associates\PGPNT\PGPTray.exe
D:\Program Files\PsnLite.exe
C:\Program Files\Palm\HOTSYNC.EXE
D:\PROGRA~1\PSNGive.exe
C:\Program Files\rfbtny8k\32279725.exe
C:\Program Files\rfbtny8k\rfbtny8k.exe
D:\My Documents\download\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www-internal.uscc.usma.edu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = netproxy.usma.army.mil:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;127.0.0.1;<local>
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - C:\Program Files\TV Media\TvmBho.dll
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {00000000-0000-4BEA-BB12-8E112D068403} - C:\Program Files\rfbtny8k\rfbtny8k.dll
O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - (no file)
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {0C8C7099-CA9A-4EED-8804-54CD2D8A3364} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {2431D515-463A-45A4-868A-EC4FB7877185} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {47A12D44-A84B-4483-967F-8F1591E2E62F} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {AA35632C-D3F1-46C6-AB47-ED00C20FED28} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {AD68E51F-8EC6-4F65-8B26-2F0A28FCD8CA} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {BA1B2AFF-A884-4CD5-B466-8A72814F0ABF} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {BA605CB2-167C-426A-A14D-FD8726E8FC3F} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {BA97D180-9901-474F-A719-F875B1126876} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {CBEF51E7-B85D-ECA3-2533-BAA93CEB5A94} - C:\WINDOWS\system32\lznbppu.dll
O2 - BHO: (no name) - {D2D7492E-7A36-48F2-A85F-789390921AD8} - C:\Program Files\CSBB\CSBB.dll (file missing)
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)

... *The list is continued below...
#2
...
Here are the rest of the files listed with Hijackthis. (Sorry, They were too long to fit in one message/post...) Thanks for any help!

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [QuickPassword] C:\Program Files\ActivCard\ActivCard Gold\agquickp.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [UFD Monitor] C:\Program Files\USB Flash Disk Utility\UFD Utility\UFDMon.exe
O4 - HKLM\..\Run: [UFD Utility] C:\Program Files\USB Flash Disk Utility\UFD Utility\USBTD.exe
O4 - HKLM\..\Run: [Belt] C:\WINDOWS\Belt.exe
O4 - HKLM\..\Run: [Antivirus] C:\WINDOWS\b.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [xbxizbe] c:\windows\system32\xbxizbe.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "d:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [rfbtny8k] C:\Program Files\rfbtny8k\rfbtny8k.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\Netscape\Communicator\Program\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Red Swoosh EDN Client] C:\Program Files\RSNet\RSEDNClient.exe
O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
O4 - HKCU\..\Run: [ClockSync] "C:\Program Files\ClockSync\Sync.exe" /q
O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKCU\..\Run: [Pkkj] C:\WINDOWS\system32\w?crtupd.exe
O4 - HKCU\..\Run: [Rlsc] C:\Documents and Settings\x77848\Application Data\arnt.exe
O4 - HKCU\..\Run: [rmmo] C:\PROGRA~1\COMMON~1\rmmo\rmmom.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Startup: Task Manager.lnk = C:\WINDOWS\system32\taskmgr.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Clean Access Agent.lnk = D:\CCAAgent.exe
O4 - Global Startup: Cranite Systems WirelessWall.lnk = ?
O4 - Global Startup: DataViz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PGPtray.lnk = C:\Program Files\Network Associates\PGPNT\PGPTray.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = D:\Program Files\PsnLite.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROProj.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\Netscape\Communicator\Program\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://test.outwar.com/np/Otw0i.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1102095638880
O16 - DPF: {FF0C042C-98E9-4C36-B2EC-E21FDFDCEF75} (InstallCtl Class) - http://download.redswoosh.net/Installer/104/rsinstaller.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = usma.ds.army.edu
O17 - HKLM\Software\..\Telephony: DomainName = usma.ds.army.edu
O17 - HKLM\System\CCS\Services\Tcpip\..\{37087616-FCE8-464E-BD8A-59D822BB3957}: Domain = usma.ds.army.edu
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = usma.ds.army.edu
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = usma.ds.army.edu,ds.army.edu,usma.edu
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = usma.ds.army.edu
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = usma.ds.army.edu,ds.army.edu,usma.edu
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = usma.ds.army.edu,ds.army.edu,usma.edu
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: ActivCard Gold Autoregister (acautoreg) - ActivCard S.A. - C:\Program Files\Common Files\ActivCard\acautoreg.exe
O23 - Service: ActivCard Gold service (Accoca) - ActivCard - C:\Program Files\Common Files\ActivCard\accoca.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
#3
ummm... you do have quite a few entries that need to be fixed and treated. Your log is a bit much for someone like me. I think your best hope is for TomMyboy to stop by and help you out. He's the best that this board can offer. He should drop by within the next couple of days so check the thread regularly.
If in a week you still have no response please post a fresh log and I will try and help.
#4
Thank you!
Will do...
#5
Hi JLR_84,
Please post a fresh HijackThis log.
Tom
__________________
HijackThis | Ad-aware | Spybot Search & Destroy | SpywareBlaster | SpywareGuard | Housecall Online A/V Scan
Please read the stickies at the top of the forum before posting!
#6
Thank you, I am just going to re-image the hard drive and start off fresh, thank you for the help thus far.
Respectfully, JR
Viewing: Dev Shed Forums > System Administration > Antivirus Protection > Help removing items from 'Hijackthis' list