graphnick
Please help with hijack log file......................
graphnick posted a topic in Everything New Technology
Can someone please tell me how to get rid of this virus I have? I have put my hijack log file in; I think I have to uncheck some stuff.

Logfile of HijackThis v1.97.7
Scan saved at 18:58:56, on 02/02/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\Explorer.exe
C:\PROGRA~1\FREESE~1\BIN\WIN2K\tidslmon.exe
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\ToPicks\Bin\Idhost.exe
C:\Program Files\ClearSearch\Loader.exe
C:\Program Files\Common Files\Dpi\dpi.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\quicktime\quicktime pro v.6.0-full\quicktimeinstaller\qttask.exe
C:\WINDOWS\system32\pcs\pcsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\GMT\GMT.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\All Users\Documents\AntiVirus\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.freeserve.com/iesearch/default.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.freeserve.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.freeserve.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Freeserve
F0 - system.ini: Shell=Explorer.exe C:\WINDOWS\System32\System32.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\System32.exe
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000240} - C:\Program Files\ClearSearch\IE_ClrSch.DLL
O2 - BHO: (no name) - {0352960F-47BE-11D5-AB93-00D0B760B4E - (no file)
O2 - BHO: (no name) - {0352960F-47BE-11D5-AB93-00D0B760B4EB} - C:\Program Files\Topicks\Bin\HtCheck2.dll
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O2 - BHO: Clear Search - {947E6D5A-4B9F-4CF4-91B3-562CA8D03313} - C:\Program Files\ClearSearch\IE_ClrSch.DLL
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: Topicks Categories - {80E81A0E-9741-4FBC-8EE3-3B78C04ADA1D} - C:\Program Files\Topicks\Bin\TpBar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [TIxDSL] C:\PROGRA~1\FREESE~1\BIN\WIN2K\tidslmon.exe
O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Common Files\CMEII\CMESys.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [ToPicks Starter] C:\Program Files\ToPicks\Bin\Idhost.exe
O4 - HKLM\..\Run: [ClrSchLoader] C:\Program Files\ClearSearch\Loader.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Dpi] C:\Program Files\Common Files\Dpi\dpi.exe
O4 - HKLM\..\Run: [belt] C:\WINDOWS\Belt.exe
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\quicktime\quicktime pro v.6.0-full\quicktimeinstaller\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Pcsv] C:\WINDOWS\system32\pcs\pcsvc.exe
O4 - HKLM\..\RunServices: [CMD] cmd32.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKLM\..\RunOnce: [DELDIR0.EXE] "C:\DOCUME~1\NICHOL~1\LOCALS~1\Temp\DELDIR0.EXE" "C:\Program Files\McAfee\McAfee Shared Components\Guardian\"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O4 - Global Startup: updater.lnk = C:\Program Files\Common Files\updater\wupdater.exe
O9 - Extra button: Downloads (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.freeserve.com/
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSInstallers/MetaStream3.cab
O16 - DPF: {20000273-8230-4DD4-BE4F-6889D1E74167} - http://download2.abetterinternet.com/download/cabs/FON19113/payload2.cab
O16 - DPF: {5F426A93-0821-47D2-A126-5A48A874B289} (DialerWeb Class) - http://212.145.159.194/251065/dialercab/WebRecomendada.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120501/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0C0B2551-E17F-44FE-AA28-1F208C9F98DF}: NameServer = 195.92.195.94 195.92.195.95
O17 - HKLM\System\CS1\Services\Tcpip\..\{0C0B2551-E17F-44FE-AA28-1F208C9F98DF}: NameServer = 195.92.195.94 195.92.195.95