#1
need help with hijack this log
I have bad adware and can't seem to remove it; is there anything that I'm missing on this log?
Logfile of HijackThis v1.98.2
Scan saved at 8:03:16 PM, on 10/3/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINXP\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINXP\system32\kegbtdvr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINXP\system32\ctfmon.exe
C:\Program Files\AT&T\WnClient\Programs\WNConnect.exe
C:\PROGRA~1\AT&T\WNCLIENT\PROGRAMS\WNCSMS~1.EXE
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Documents and Settings\Ann Phillips\Desktop\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Symantec Shared\NMain.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://webmail.umd.umich.edu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.att.net/nwa
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINXP\nem219.dll
O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINXP\localNRD.dll
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINXP\systb.dll
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINXP\wsem302.dll
O2 - BHO: brdg Class - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINXP\system32\bridge.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Microsoft Update Machine] wuamgrd.exe
O4 - HKLM\..\Run: [Win32 USB2 Driver] winupdate.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [rfryyjss] C:\WINXP\system32\kegbtdvr.exe
O4 - HKLM\..\Run: [conscorr] C:\WINXP\conscorr.exe
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINXP\system32\bridge.dll",Load
O4 - HKLM\..\Run: [Win Server Updt] C:\WINXP\wupdt.exe
O4 - HKLM\..\RunServices: [Win32 USB2 Driver] winupdate.exe
O4 - HKLM\..\RunServices: [Microsoft Restore] scrgrd.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] wuamgrd.exe
O4 - HKLM\..\RunServices: [XML Service] msxml.exe
O4 - HKLM\..\RunServices: [Windows Automatic Updates] dvldr.exe
O4 - HKCU\..\Run: [Win32 USB2 Driver] winupdate.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=http://www.att.net/nwa
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=f32ea71f93289f61b4dbf30a04a6a1144dbe14cda02fcaaa9fafbced2952791a768a1a41688817425fa5c9751a6be7b240 46:f22d67e45739a8712f7edadac81f3fd5
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/29f7b87448a382274b15/netzip/RdxIE601.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B4A6EA76-690A-4C74-A842-ED7696CC2F59}: NameServer = 12.102.244.2 204.127.129.4

By the way, are there any websites that show all of the hijack things that appear that are bad? (since the program can't determine for itself)
-randy
#2
Seeing as no-one else has come to help you...
I'd be suspicious of: C:\WINXP\system32\kegbtdvr.exe and O4 - HKLM\..\Run: [rfryyjss] C:\WINXP\system32\kegbtdvr.exe because I googled the process and got no results. The 'rfryyjss' raises suspicion and the app looks like it should be a keyboard driver but disguising itself with a dodgy name.
__________________
Time isn't wasted if you're wasted all the time
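The triage reasoning in post #2 (a Run value with a random-looking name pointing at an unrecognised executable) can be applied mechanically to the O4 section of a HijackThis log. The Python below is an added example, not part of the thread; the function names and the consonant-run heuristic are assumptions, and a hit only queues an entry for manual lookup.

```python
import re
from ntpath import basename  # Windows path rules on any OS
# Excerpt of the HijackThis log from post #1, one entry per line.
SAMPLE_LOG = r"""Running processes:
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINXP\system32\kegbtdvr.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [rfryyjss] C:\WINXP\system32\kegbtdvr.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
"""

O4_LINE = re.compile(r"^O4 - (?P<key>\S+): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
EXE_PATH = re.compile(r'"?(?P<exe>[^"]+?\.exe)', re.IGNORECASE)
# Assumed heuristic: five or more consonants in a row (y counted as one)
# rarely occurs in a vendor-chosen name. A hit means "look closer", nothing more.
CONSONANT_RUN = re.compile(r"[b-df-hj-np-tv-z]{5,}", re.IGNORECASE)

def parse_log(text):
    """Return (set of running process paths, list of O4 autorun dicts)."""
    running, autoruns, in_procs = set(), [], False
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("Running processes:"):
            in_procs = True
        elif in_procs and not line:
            in_procs = False          # blank line ends the process list
        elif in_procs:
            running.add(line.lower())
        elif (m := O4_LINE.match(line)):
            exe = EXE_PATH.match(m["cmd"])
            autoruns.append({"key": m["key"], "name": m["name"],
                             "exe": exe["exe"] if exe else m["cmd"]})
    return running, autoruns

def review_queue(text):
    """Autoruns whose value name or file name looks machine-generated."""
    running, autoruns = parse_log(text)
    flagged = []
    for entry in autoruns:
        stem = basename(entry["exe"]).rsplit(".", 1)[0]
        if CONSONANT_RUN.search(entry["name"]) or CONSONANT_RUN.search(stem):
            entry["running"] = entry["exe"].lower() in running
            flagged.append(entry)
    return flagged

if __name__ == "__main__":
    for e in review_queue(SAMPLE_LOG):
        print(f'{e["key"]} [{e["name"]}] -> {e["exe"]} (running: {e["running"]})')
```

Ordinary words with long consonant clusters will also match, so the output is a shortlist to research rather than a verdict.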
Viewing: Dev Shed Forums > System Administration > Antivirus Protection > need help with hijack this log