#1
please help...HijackThis Log...............
hello all
could someone please help me to understand this log, and to tell what to do? thanks

Logfile of HijackThis v1.97.7
Scan saved at 13:04:37, on 02/12/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
C:\Program Files\012Net\012Net-Cable dialer\fts.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
D:\Program Files\AnalogX\CookieWall\cookie.exe
D:\WINDOWS\System32\mqlmlnka.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
D:\WINDOWS\kdkcixs.exe
D:\WINDOWS\vbaegkn..exe
D:\WINDOWS\System32\hpdllhost.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\QuickTime\qttask.exe
D:\WINDOWS\System32\bnhpe\ocktn.exe
D:\WINDOWS\System32\bilqqnvw\cypaactt.exe
D:\WINDOWS\System32\hckvhyaa.exe
D:\Program Files\Common Files\WinTools\WToolsA.exe
D:\WINDOWS\dhbrwsr.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\windows\system32\saie.exe
D:\WINDOWS\System32\wsxsvc\wsxsvc.exe
D:\WINDOWS\System32\vmss\vmss.exe
D:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\012NET\012NET~2\FWPortal.exe
D:\WINDOWS\System32\prfpcont.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\PROGRA~1\MYDAIL~1\MYDAIL~1.EXE
D:\Documents and Settings\asher\Application Data\tsg?.exe
D:\PROGRA~1\COMMON~1\tsa\tsm2.exe
D:\Program Files\Nikon\PictureProject\NkbMonitor.exe
D:\Program Files\Common Files\WinTools\WToolsS.exe
D:\PROGRA~1\COMMON~1\tsa\ts2.exe
D:\Program Files\Common Files\WinTools\WSup.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\dhsvr.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\WINDOWS\System32\wuauclt.exe
D:\WINDOWS\System32\tsaceyqk\lfma.exe
D:\Documents and Settings\asher\Desktop\HijackThis.exe
D:\WINDOWS\System32\drjtfi\lnsvk.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://D:\WINDOWS\System32\SearchBar.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://default-homepage-network.com/start.cgi?new-hklm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://server224.smartbotpro.net/7search/?new-hklm
O2 - BHO: (no name) - {00000000-0000-0000-BFA1-D7EE6696B865} - D:\WINDOWS\System32\icdd7ee6.dll
O2 - BHO: (no name) - {00000000-0000-47c5-A90F-2CDE8F7638DB} - D:\WINDOWS\System32\iel2cde8.dll
O2 - BHO: (no name) - {000277A3-7D84-406a-9799-D12A81594693} - D:\WINDOWS\srchfst.dll
O2 - BHO: (no name) - {000E6ED5-E3FC-4c93-99E9-D38D2A9F9B09} - D:\WINDOWS\System32\he3e3fc4.dll
O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - D:\WINDOWS\bxxs5.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {82360230-2537-034D-0AA2-0744F90D28BE} - D:\WINDOWS\System32\pptoumtf\ocmsbgoo.dll
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - D:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - D:\Program Files\SEP\sep.dll
O2 - BHO: (no name) - {D848A3CA-0BFB-4DE0-BA9E-A57F0CCA1C13} - D:\WINDOWS\dealhlpr.dll
O3 - Toolbar: Band Class - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - D:\Program Files\SEP\sep.dll
O3 - Toolbar: (no name) - {EFEE6B59-ADDB-40eb-BA2C-AF860F5B42B5} - D:\WINDOWS\System32\readdb40.dll
O3 - Toolbar: (no name) - {223405EC-01F9-48a2-BDBB-D519913E2765} - D:\WINDOWS\System32\li01f948.dll
O3 - Toolbar: Searchfst Class - {000277A3-7D84-406a-9799-D12A81594693} - D:\WINDOWS\srchfst.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [%FP%012-L2TP fts.exe] "C:\Program Files\012Net\012Net-Cable dialer\fts.exe"
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ashMaiSv] D:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKLM\..\Run: [CookieWall] D:\Program Files\AnalogX\CookieWall\cookie.exe
O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe
O4 - HKLM\..\Run: [LF] D:\windows\temp\LF.exe
O4 - HKLM\..\Run: [Bakra] D:\WINDOWS\System32\IEHost.exe
O4 - HKLM\..\Run: [os8k36T] mqlmlnka.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [nssysconf] D:\WINDOWS\kdkcixs.exe
O4 - HKLM\..\Run: [hpsysconf1] D:\WINDOWS\vbaegkn..exe
O4 - HKLM\..\Run: [he3e3fc4] rundll32.exe D:\WINDOWS\System32\he3e3fc4.dll,EnableRunDLL32
O4 - HKLM\..\Run: [000hpdllhost] D:\WINDOWS\System32\hpdllhost.exe
O4 - HKLM\..\Run: [readdb40] rundll32.exe D:\WINDOWS\System32\readdb40.dll,EnableRunDLL32
O4 - HKLM\..\Run: [li01f948] rundll32.exe D:\WINDOWS\System32\li01f948.dll,EnableRunDLL32
O4 - HKLM\..\Run: [iel2cde8] rundll32.exe D:\WINDOWS\System32\iel2cde8.dll,EnableRunDLL32
O4 - HKLM\..\Run: [icdd7ee6] rundll32.exe D:\WINDOWS\System32\icdd7ee6.dll,EnableRunDLL32
O4 - HKLM\..\Run: [SrchfstUpdate] D:\WINDOWS\srchupdt.exe
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WebRebates0] "D:\Program Files\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\Run: [towfezv] D:\WINDOWS\Lbczxs.exe
O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE D:\WINDOWS\bxxs5.dll,DllRun
O4 - HKLM\..\Run: [ocktn] D:\WINDOWS\System32\bnhpe\ocktn.exe
O4 - HKLM\..\Run: [cypaactt] D:\WINDOWS\System32\bilqqnvw\cypaactt.exe
O4 - HKLM\..\Run: [hdrbest] D:\WINDOWS\System32\hckvhyaa.exe
O4 - HKLM\..\Run: [WinTools] D:\Program Files\Common Files\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [alchem] D:\WINDOWS\alchem.exe
O4 - HKLM\..\Run: [lnsvk] D:\WINDOWS\System32\drjtfi\lnsvk.exe
O4 - HKLM\..\Run: [lfma] D:\WINDOWS\System32\tsaceyqk\lfma.exe
O4 - HKLM\..\Run: [DealHelperUpdate] D:\WINDOWS\DHUpdt.exe
O4 - HKLM\..\Run: [DealHelperBrwsr] D:\WINDOWS\dhbrwsr.exe
O4 - HKLM\..\Run: [saie] d:\windows\system32\saie.exe
O4 - HKLM\..\Run: [Dvx] D:\WINDOWS\System32\wsxsvc\wsxsvc.exe
O4 - HKLM\..\Run: [vmss] D:\WINDOWS\System32\vmss\vmss.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [%FP%012-L2TP FWPortal.exe] "C:\PROGRA~1\012NET\012NET~2\FWPortal.exe" -no_dialog
O4 - HKCU\..\Run: [ZBrqRWfmh] prfpcont.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MyDailyHoroscope] D:\PROGRA~1\MYDAIL~1\MYDAIL~1.EXE
O4 - HKCU\..\Run: [Htmt] D:\Documents and Settings\asher\Application Data\tsg?.exe
O4 - HKCU\..\Run: [Tsa2] D:\PROGRA~1\COMMON~1\tsa\tsm2.exe
O4 - Global Startup: NkbMonitor.exe.lnk = D:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &Google Search - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://d:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Web Rebates - file://D:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra 'Tools' menuitem: MaxSpeed (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38193.1533564815
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{79DE9F16-ABF2-48E4-80B4-605E94421651}: NameServer = 212.117.129.5 212.116.161.37
#2
Hi tommy2004,
Let's start here:

Perform an online virus scan from this site: Trend Micro Housecall - Select all of your drives for scanning. Please check "Auto clean" before scanning.
http://housecall.trendmicro.com/

If you can, copy and paste the report logs from the scans into your next post.

Next.... Let's do some more cleaning up:

Download Ad-Aware SE Personal Edition version 1.05 from:
http://www.lavasoft.de/support/download/

Run Adaware, click the "Check for Updates now" link. Install the latest reference file.
Perform a "Full system scan" with Adaware. Allow it to remove anything it finds.

Then...

Download, install and UPDATE Spybot Search and Destroy 1.3. Scan and fix all items checked in RED.
http://www.safer-networking.org/en/download/index.html

Reboot and post a fresh HijackThis log.

Tom
__________________
HijackThis Ad-aware Spybot Search & Destroy SpywareBlaster SpywareGuard Housecall Online A/V Scan
Please read the stickies at the top of the forum before posting!
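
Added example, not part of either post: a small Python triage pass over HijackThis output such as the log in post #1, parsing the `code - body` entry lines and listing the O4 (autostart) entries that match three review rules. The function names and the rules themselves are assumptions of this example; they are triage heuristics, not verdicts on any entry.

```python
import re

# Sample input: entries copied from the log in post #1.
SAMPLE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: (no name) - {000E6ED5-E3FC-4c93-99E9-D38D2A9F9B09} - D:\WINDOWS\System32\he3e3fc4.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LF] D:\windows\temp\LF.exe
O4 - HKLM\..\Run: [os8k36T] mqlmlnka.exe
O4 - HKLM\..\Run: [he3e3fc4] rundll32.exe D:\WINDOWS\System32\he3e3fc4.dll,EnableRunDLL32
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
"""

ENTRY = re.compile(r"^([RFNO]\d+) - (.*)$")
RUN = re.compile(r"^HK[A-Z]+\\\.\.\\Run\w*: \[([^\]]*)\] (.+)$")
CLSID_PATH = re.compile(r"\{[0-9A-Fa-f-]+\} - (.+)$")  # the path may contain " - "

def parse(text):
    """Return (section_code, body) for every HijackThis entry line."""
    return [m.groups() for line in text.splitlines()
            if (m := ENTRY.match(line.strip()))]

def review_candidates(entries):
    """O4 autostarts to inspect first (example heuristics, not verdicts)."""
    ie_dlls = {m.group(1).lower() for code, body in entries
               if code in ("O2", "O3") and (m := CLSID_PATH.search(body))}
    flagged = []
    for code, body in entries:
        m = RUN.match(body) if code == "O4" else None
        if not m:
            continue
        name, cmd = m.groups()
        parts = cmd.split(None, 1)
        first, reasons = parts[0].strip('"').lower(), []
        if first == "rundll32.exe" and len(parts) > 1:
            reasons.append("DLL started through rundll32")
            if parts[1].split(",")[0].lower() in ie_dlls:
                reasons.append("same DLL is registered as BHO/toolbar")
        elif "\\" not in first:
            reasons.append("no path given")
        if "\\temp\\" in cmd.lower():
            reasons.append("runs from a temp directory")
        if reasons:
            flagged.append((name, reasons))
    return flagged

for name, reasons in review_candidates(parse(SAMPLE)):
    print(f"{name}: {'; '.join(reasons)}")
```
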