Hi everybody-seems either my brother or I managed to click on a link and wound up getting a virus-which my Norton intercepted. However my computer still seems to be running oddly-I am wondering if something else wasn't placed somewhere on my HD. This am ran HijackThis and found a rogue BHo which I got rid of. Here is my current Hijack Log-Please have a look and tell me if it seems ok. I am puzzled by the mmtask.tak line in the running processes-I don't recall that being there(I may have overlooked it)
My sincerest thanks for your help!


Logfile of HijackThis v1.98.2
Scan saved at 6:43:13 PM, on 5/3/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINJECT.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\PROGRAM FILES\ROXIO\GOBACK\GBPOLL.EXE
C:\PROGRAM FILES\DANTZ\RETROSPECT\RETRORUN.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\KEYBOARD\SPEEDKEY.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\MOUSE\POINT32.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MAXTOR\ONETOUCH\UTILS\ONETOUCH.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\CKA.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE
C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0A\AOL.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0A\WAOL.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0A\AOLWBSPD.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\MY DOCUMENTS\HIJACK THIS\HIJACKTHIS.EXE

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Microsoft IntelliType Pro] "C:\Program Files\Microsoft Hardware\Keyboard\speedkey.exe"
O4 - HKLM\..\Run: [POINTER] C:\Program Files\Microsoft Hardware\Mouse\point32.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\nprotect.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\MAXTOR\ONETOUCH\UTILS\ONETOUCH.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [ccEvtMgr] C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [CSINJECT.EXE] C:\Program Files\Norton SystemWorks\Norton CleanSweep\CSINJECT.EXE
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\nprotect.exe
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [GoBack Polling Service] C:\Program Files\Roxio\GoBack\GBPoll.exe
O4 - HKLM\..\RunServices: [Retrospect Launcher] C:\PROGRAM FILES\DANTZ\RETROSPECT\RETRORUN.EXE
O4 - HKCU\..\Run: [SymKeepAlive] C:\Program Files\Norton SystemWorks\CKA.exe
O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net

Your log looks clean, but it is an old version and may not be seeing everything... Please download the latest version 1.99.1 and post a fresh log...

http://www.downloads.subratam.org/hijackthis.zip

Also, it may be a good idea to do this:

Try running an MWavScan... It will produce a log in the lower right hand corner and you will need to use Ctrl-C to copy the bottom part of it that has the bad items and then paste it here for review....

http://www.mwti.net/antivirus/free_utilities.asp

It will suggest that you buy the product to fix what it finds, but that is not necessary... Just post the bad part of the scan and we will deal with it...

here is the updated hijack this log:

Logfile of HijackThis v1.99.1
Scan saved at 9:29:00 AM, on 5/4/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINJECT.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\PROGRAM FILES\ROXIO\GOBACK\GBPOLL.EXE
C:\PROGRAM FILES\DANTZ\RETROSPECT\RETRORUN.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\KEYBOARD\SPEEDKEY.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\MOUSE\POINT32.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MAXTOR\ONETOUCH\UTILS\ONETOUCH.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\CKA.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE
C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0A\AOL.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0A\WAOL.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0A\AOLWBSPD.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MMJB.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MMDIAG.EXE
C:\WINDOWS\TEMP\MWAVSCAN.COM
C:\WINDOWS\TEMP\KAVSS.EXE
C:\MY DOCUMENTS\HIJACKTHIS.EXE

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Microsoft IntelliType Pro] "C:\Program Files\Microsoft Hardware\Keyboard\speedkey.exe"
O4 - HKLM\..\Run: [POINTER] C:\Program Files\Microsoft Hardware\Mouse\point32.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\nprotect.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\MAXTOR\ONETOUCH\UTILS\ONETOUCH.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [ccEvtMgr] C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [CSINJECT.EXE] C:\Program Files\Norton SystemWorks\Norton CleanSweep\CSINJECT.EXE
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\nprotect.exe
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [GoBack Polling Service] C:\Program Files\Roxio\GoBack\GBPoll.exe
O4 - HKLM\..\RunServices: [Retrospect Launcher] C:\PROGRAM FILES\DANTZ\RETROSPECT\RETRORUN.EXE
O4 - HKCU\..\Run: [SymKeepAlive] C:\Program Files\Norton SystemWorks\CKA.exe
O4 - HKCU\..\RunServices: [SymKeepAlive] C:\Program Files\Norton SystemWorks\CKA.exe
O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe
O15 - Trusted Zone: [url]www.mt-download.com[/url] (HKLM)
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - [url]https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab[/url]
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - [url]https://www-secure.symantec.com/techsupp/activedata/SymAData.cab[/url]
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - [url]http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab[/url]
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net

Virusscan results:
File System Found infected by "IBIS Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "IBIS Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "Lycos Sidesearch Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "Alexa Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "CoolWebSearch Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "web search tools Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "btlink Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "180Solutions Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "vendor Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "morpheus Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "AdDestroyer Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "cws.therealsearch Spyware/Adware" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\msxmidi.exe infected by "Trojan.Win32.StartPage.tj" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\sdkrv32.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\appcy.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\cbhrl.dll infected by "not-a-virus:AdWare.JS.OneMoreSearch.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\taskmon.exe.$$$ infected by "Trojan-Downloader.Win32.Agent.bc" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\vpfuvphgp.dll infected by "Trojan-Downloader.Win32.Lemmy.t" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\OSR2GLUE.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File C:\WINDOWS\SYSTEM\EGDHTML_1023.dll infected by "Trojan-Downloader.Win32.Wintrim.h" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\ia.dll infected by "not-a-virus:Porn-Dialer.Win32.IA" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\SWRT01.dll infected by "not-a-virus:AdWare.VirtualBouncer.g" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\UpdInstall.exe infected by "not-a-virus:AdWare.Look2Me.g" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\d3hv.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\doul.exe infected by "Trojan-Clicker.Win32.Agent.v" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\msbar.exe infected by "not-a-virus:AdWare.WinFetcher.b" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\mshelper.dll infected by "Trojan.Win32.Trilon.b" Virus. Action Taken: No Action Taken.


Please advise

many thanks

ed

You will need to delete the files from that MWavScan... Please download KillBox and use it in Safe Mode (tap on F8 just before Windows starts to load)... use the Rename and Delete on Reboot options:

http://www.downloads.subratam.org/KillBox.zip

These are the files, copy/paste the whole line on each one:

C:\WINDOWS\msxmidi.exe
C:\WINDOWS\sdkrv32.exe
C:\WINDOWS\appcy.dll
C:\WINDOWS\cbhrl.dll
C:\WINDOWS\taskmon.exe.$$$
C:\WINDOWS\vpfuvphgp.dll
C:\WINDOWS\SYSTEM\EGDHTML_1023.dll
C:\WINDOWS\SYSTEM\ia.dll
C:\WINDOWS\SYSTEM\SWRT01.dll
C:\WINDOWS\SYSTEM\UpdInstall.exe
C:\WINDOWS\SYSTEM\d3hv.dll
C:\WINDOWS\SYSTEM\doul.exe
C:\WINDOWS\SYSTEM\msbar.exe
C:\WINDOWS\SYSTEM\mshelper.dll

After you enter them all, reboot, run another MWavScan and post it here...

It may also be a good idea to run an online virus scan from Housecall in my links or a Panda scan... I would also run Ad-Aware SE and Spybot deep scans after updating them first...

Hi,

I deleted the files as recommended.......used ad-aware se and spybot....here is the latest log:

File System Found infected by "IBIS Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "Lycos Sidesearch Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "CoolWebSearch Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "web search tools Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "btlink Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "vendor Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "morpheus Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "cws.therealsearch Spyware/Adware" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\OSR2GLUE.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.

please advise!

Many Thanks,

Ed

Then things in the list now are probably traces left in the Registry and should be harmless... You would need to use a Registry cleaner to get rid of them... Did you also run an online virus scan??

Please let me know if you are still having any problems and post a fresh HJT log after a reboot...

ran an online virus scan-its clean.......will look for a registry cleaner......many thanks for your help Budfred!!!!!!!!!!!!

edg

Logfile of HijackThis v1.99.1
Scan saved at 6:34:45 PM, on 5/7/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINJECT.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\PROGRAM FILES\ROXIO\GOBACK\GBPOLL.EXE
C:\PROGRAM FILES\DANTZ\RETROSPECT\RETRORUN.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\KEYBOARD\SPEEDKEY.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\MOUSE\POINT32.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MAXTOR\ONETOUCH\UTILS\ONETOUCH.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\CKA.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE
C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0A\AOL.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0A\WAOL.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0A\AOLWBSPD.EXE
C:\MY DOCUMENTS\HIJACKTHIS.EXE

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Microsoft IntelliType Pro] "C:\Program Files\Microsoft Hardware\Keyboard\speedkey.exe"
O4 - HKLM\..\Run: [POINTER] C:\Program Files\Microsoft Hardware\Mouse\point32.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\nprotect.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\MAXTOR\ONETOUCH\UTILS\ONETOUCH.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [ccEvtMgr] C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [CSINJECT.EXE] C:\Program Files\Norton SystemWorks\Norton CleanSweep\CSINJECT.EXE
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\nprotect.exe
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [GoBack Polling Service] C:\Program Files\Roxio\GoBack\GBPoll.exe
O4 - HKLM\..\RunServices: [Retrospect Launcher] C:\PROGRAM FILES\DANTZ\RETROSPECT\RETRORUN.EXE
O4 - HKCU\..\Run: [SymKeepAlive] C:\Program Files\Norton SystemWorks\CKA.exe
O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net

Your log is still looking clean and it is good that the online scan was clean... You are probably in the clear for now, but it would be a good idea to armor up to prevent future infection... Here is my prevention speech for that:

This is a good time to set up protection against further
attacks. Read the article linked below about "How did I
get infected". You need an antivirus that is updated, a
good firewall (a router firewall is not enough) and a
spyware blocker like SpywareBlaster and also IE-Spyads.
All of these have good free versions available... be very
cautious about any security software that advertises in
popups or other intrusive ways, they are not only usually
useless, but also often have malware in them....

http://www.computercops.biz/postlite7736-.html

And here is a topic about Registry Cleaners:

http://www.pcguide.com/vb/showthread.php?t=35507&highlight=Registry+cleaner