3.3K Posts

June 4th, 2007 21:00

I am looking over your log and will have some suggestions for you in a short while. Thanks for your patience!

3.3K Posts

June 4th, 2007 22:00

I see nothing suspicious...but quite a bit unnecessary. Your security on the anti-virus and anti-spyware side is on over-kill...and I see no firewall.

Before I offer some suggestions, can you tell me what issues you are experiencing? Also, did you keep the Panda scan log? Your hjt log shows that you just ran a Panda scan...at least, you haven't rebooted since you ran it. If you saved the log, please post it back here. Thanks!

7 Posts

June 5th, 2007 08:00

Hi,

Thanks a lot for your reply.

As for the over-kill, yes, you're right. My first problem was redirecting the web search engines to different sites, which happened after I clicked one of the desired links. It took me to the right site after the third time. After that I ran quite a lot of scans, first my Sophos antivirus and Windows Defender, which reported the system was clean. Then I ran the Panda online scan, which didn't show anything suspicious, and after that upgraded to Active Scan Pro. Problem not resolved. I also installed and ran CWShredder (thought it was CoolWebSearch) but it didn't find anything suspicious.

So I started looking for solutions on the web based on the symptoms and found a lot of anti-spyware software. I decided to use only those recommended by Kim Komando, and also use her site to find others like castlecops, merijn.org, majorgeeks. Installed: Trend Micro's anti-spyware, Spysweeper, PestExterminator, AVG anti-virus and anti-spyware, SpywareBlaster and finally Ad-aware SE. I think after I ran scans with Ad-aware and AVG the problems disappeared, but I have to admit that I also used HijackThis before and removed, with great care using the info on merijn.org, some files (one O2 and four O17s) which were, according to the 'libraries', surely malicious. It seems that none of the scans themselves could help.

So the symptoms disappeared but I was still not sure if the system was really clean (bearing in mind that after running so many scans the system was always reported clean, though the thing was there!). So I've decided to keep all the software until some expert gets back to me.

I also had some problems with 'good' software after all these scan runs, so I got Desktop Mechanic and RegistryBooster2, which solved the problem, but I had to uninstall the Software Manager (InstallShield update service).

As for the Panda scan log, unfortunately I've deleted it but can run another scan if you recommend it. The problem with panda at some point was that I couldn't scan anymore because the 'hijacker' (as I think it was) was redirecting the panda active scan pro login website to some other.

I'm surprised you can't see any firewall because the security centre tells me the firewall is on (?)

Sorry for this elaborate post. And thanks in advance for help.

My plan is to remove the trial/limited versions of the anti-spyware: Spysweeper and Trend Micro anti-spyware. Leave probably the SpywareBlaster, Ad-aware SE and AVG anti-spyware and stay with my Sophos anti-virus. Then run the RegistryBooster to clean up the registry.

Regards
RB76

3.3K Posts

June 5th, 2007 14:00

Since you intend to keep Prevx (good choice, by the way), you should uninstall the AVG AntiVirus first. Please make sure you DON'T uninstall AVG Anti-Spyware.

Quote: I'm surprised you can't see any firewall because the security centre tells me the firewall is on (?)...
The Windows XP on board firewall will not show in a hjt log...regardless, that firewall is only protecting you from inbound intrusion (which by the way, is easily skirted by a variety of malware, not to mention the little script kiddie hackers) and does absolutely nothing to protect you from your own computer sending your private data OUT to the web. A third party software firewall is always recommended...unless one has a hardware router with the firewall built in.

Quote: Leave probably the Spywareblaster Ad-aware SE and AVG anti-spyware and stay with my Sophos anti-virus. Then run the registrybooster to clean up the registry.
Those are pretty good in combination but I would also recommend using Spybot Search and Destroy. Not so much because I think it's a better application than AVG Anti-Spyware...it's not...but it is different.

You are able to use Spybot's "Resident" SD Helper which adds protection from malicious web sites and plays nicely along with SpywareBlaster's Active X control protection. You can also add Spybot's "Hosts" file which imho is excellent.



Your log showed one stray Registry entry from your Testware "BookCase".

You can run HijackThis again and check/fix this one:
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - (no file)

Please remember to close all windows including this browser window before you click the Fix Checked button... then, reboot to properly record the change made to the disk.


I should also advise you that your Java is WAAYYYY out of date and causes a serious security risk as a result. The version of Java you still have installed is known to have been exploited.

Please follow these steps to remove older version Java components

1. Close any open programs you may have running, especially your web browser.

2. Click Start-->Control Panel-->Add or Remove Programs.
For those just reading this thread:
Depending on your OS, you may have to click Start-->Settings-->Control Panel-->Add or Remove Programs.


3. Click once on any item listing Java Runtime Environment in the name (to highlight it) then click the "Remove" or "Change/Remove" button.
Not every version of Java will begin with "Java" so be sure to read each entry in the list.
Repeat step 3 as many times as necessary to remove all versions of Java.
**If you are asked to reboot at any point during the uninstallations, please do so. Then go back to Add/Remove and continue with the rest of the removals...when finished uninstalling all of them, reboot the computer.

4. Navigate to and delete:
  • C:\Program Files\Java (this folder, if found)
5. Then go to this page.
Scroll down to where it says "Java Runtime Environment (JRE) 6u1
The Java SE Runtime Environment (JRE) allows end-users to run Java applications." and click the "Download" button to the right.


6. Check the box that says "Accept License Agreement". The page will refresh; then click on the link to download Windows Offline Installation, with or without Multi-language. Save it to your desktop.
Then from your desktop double-click on the executable to install the newest version. Reboot when the installation completes.



You can disregard the Panda scan. Based on your description of symptoms it seems that you may have had one of the WareOut infections that hijacked your DNS. WareOut is basically a rootkit infection, so we need to run an online scan using a very different antivirus scanning engine. The F-Secure website's free online scan incorporates rootkit technology within its engine...since we suspect a previous WareOut infection, this would be a good place to start.

One word of caution. Using any of the Registry cleaners (Registry Mechanic, Registry Booster) can cause serious problems to the extent that one day when you go to turn on your computer, you may find that it won't even boot up. If however, you consider yourself a step above the "Average" user, then you may be just fine using them. You are aware (I should add) that any Registry entries these types of applications present to you for removal should most definitely be thoroughly investigated first before you remove them.


After having uninstalled the software that you said you were going to remove, and having only the following left on board:
Spywareblaster
Ad-aware SE
AVG anti-spyware
Sophos antivirus

...then please continue with the instructions below:

Please perform a scan with F-Secure Online Scanner
Follow the directions in the F-Secure page for proper Installation.
1. Click on the link "F-Secure Online Scanner".
2. You may receive an alert on the address bar at this point to install the ActiveX control.
3. Click on that alert and then click "Install ActiveX component".
4. Read the license agreement and click "Accept".
5. Click "Custom Scan" and be sure the following are checked:
  • Scan whole System
  • Scan all files
  • Scan whole system for rootkits
  • Scan whole system for spyware
  • Scan inside archives
  • Use advanced heuristics
6. When the scan completes, click the "I want to decide item by item" button.
7. For each item found, select "Disinfect" and click "Next".
8. When done, click the "Show Report" button, then copy and paste the entire report into your next reply along with a fresh HijackThis log.

Please advise how the computer is running for you and if you are having any other issues. Thanks!
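The "(no file)" BHO entry singled out in the post above is one of two markers HijackThis uses for a registry entry whose target file is gone; the other, "(file missing)", appears in the follow-up log. As an added example that is not part of the original posts, this Python snippet parses HijackThis entry lines and lists such orphaned entries grouped by CLSID; the function names are made up for illustration and the sample lines are copied from the logs in this thread.

```python
import re
from collections import OrderedDict
from typing import NamedTuple, Optional

# Sample input: lines copied from the HijackThis output quoted in this thread.
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
Platform: Windows XP SP2 (WinNT 5.01.2600)
Running processes:
C:\WINDOWS\Explorer.EXE
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
"""

# An entry line starts with a section code (R0, O2, O23, ...) followed by " - ".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Markers HijackThis appends when the referenced file does not exist.
ORPHAN_MARKERS = ("(no file)", "(file missing)")


class Entry(NamedTuple):
    section: str          # e.g. "O2"
    body: str             # everything after the section code
    clsid: Optional[str]  # upper-cased CLSID if the entry carries one
    target: str           # last " - " separated field (file path or marker)


def parse_entries(log_text):
    """Return the section entries of a log, skipping header and process lines."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue
        section, body = match.groups()
        clsid = CLSID_RE.search(body)
        target = body.rsplit(" - ", 1)[-1].strip()
        entries.append(
            Entry(section, body, clsid.group(0).upper() if clsid else None, target)
        )
    return entries


def find_orphans(entries):
    """Entries whose target carries a missing-file marker."""
    return [e for e in entries if e.target.endswith(ORPHAN_MARKERS)]


def orphans_by_clsid(entries):
    """Group orphans by CLSID so one stale registration is reported once."""
    grouped = OrderedDict()
    for entry in find_orphans(entries):
        grouped.setdefault(entry.clsid or entry.body, []).append(entry)
    return grouped


if __name__ == "__main__":
    for key, group in orphans_by_clsid(parse_entries(SAMPLE_LOG)).items():
        print(key, "->", ", ".join(f"{e.section}: {e.target}" for e in group))
```

A missing-file marker only says the registry entry points at nothing; whether to fix it is still the reviewer's call, as in the thread.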

7 Posts

June 6th, 2007 14:00

Here's what I've done according to your suggestions

1) AVG anti-virus uninstalled
2) PestExterminator uninstalled
3) Trend micro anti-spyware uninstalled
4) Spysweeper uninstalled
5) O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - (no file) fixed
6) Although I'd installed the newest version of Java (due to recommendations I've found on the internet) before your message, I've uninstalled all versions and installed Java Runtime Environment (JRE) 6u1 step by step as you've described
7) I've run the F-Secure online scan and the report is at the end of this message.

I have few more questions:
1) you said 'Since you intend to keep Prevx' but I didn't install Prevx 2.0 if this is what you had in mind, would you suggest to do so?
2) you wrote: 'A third party software firewall is always recommended...unless one has a hardware router with the firewall built in'. I don't have a hardware router so I'm deciding to get a software firewall. Because I've decided to keep Ad-aware SE and perhaps it would be better to purchase the full version (with Ad-watch) I could get also the firewall in their offer. So what do you think about Lavasoft personal firewall with Ad-Aware SE Plus (or Professional, see http://www.lavasoft.de/ad-aware/personal/106/upgrade.shtml). The other option is to upgrade Sophos anti-virus by adding the sophos client firewall.
3) I'm also considering installing Spybot Search&Destroy, which I've found at http://www.safer-networking.org/en/langtable/sbsd.html#52. Is this the thing you've recommended? (I've learned there's a lot of stuff on the internet and some anti-spyware software appears to be spyware itself, e.g. I've found SpyBlast, which I think is a spoof of SpywareBlaster.)

Overall laptop performance is satisfactory. It's a bit slower at startup, but it must be due to the new processes running in the background from the anti-spyware software. As for the registry interfering software (Desktop Mechanic or RegistryBooster), I've decided to still use it but clean mostly the items that were connected with the stuff that I got rid of, as I surely can't consider myself an advanced user in this respect (but am working on it :)). Hopefully it won't cause the useful stuff to work badly.

New hijackthis logfile is below the F-secure scanner's report.

Thanks again 1972vet
Regards
RB76


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Scanning Report
Wednesday, June 06, 2007 10:07:37 - 14:38:21
Computer name: D533WV1J
Scanning type: Scan system for viruses, rootkits, spyware
Target: C:\


--------------------------------------------------------------------------------

Result: 1 malware found
Possible Browser Hijack attempt (spyware)
System (Disinfected)

--------------------------------------------------------------------------------

Statistics
Scanned:
Files: 432928
System: 4787
Not scanned: 42
Actions:
Disinfected: 1
Renamed: 0
Deleted: 0
None: 0
Submitted: 0
Files not scanned:

--------------------------------------------------------------------------------

Options
Scanning engines:
F-Secure Libra: 2.4.2, 2007-06-04
F-Secure AVP: 7.0.171, 2007-06-06
F-Secure Orion: 1.2.37, 2007-06-06
F-Secure Blacklight: 1.0.53
F-Secure Draco: 1.0.35, 2007-05-29
F-Secure Pegasus: 1.19.0, 2007-04-28
Scanning options:
Scan all files
Scan inside archives
Use Advanced heuristics



++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Logfile of HijackThis v1.99.1
Scan saved at 16:26:29, on 06/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\dpmw32.exe
C:\WINDOWS\system32\NWTRAY.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sophos\AutoUpdate\ALMon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\ROBERT~1\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsgk32.exe
C:\DOCUME~1\ROBERT~1\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fssm32.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Dell\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [NDPS] C:\WINDOWS\system32\dpmw32.exe
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Panda_cleaner_39204] C:\WINDOWS\system32\ASPRO\pavdr.exe 39204
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: GroupWise Notify.lnk = C:\Novell\GroupWise\notify.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1179317207656
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer Class) - http://acs.pandasoftware.com/activescanpro/as5/asproinst.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5041/mcfscan.cab
O18 - Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\system32\cusrvc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sophos Anti-Virus status reporter (SAVAdminService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: Sophos AutoUpdate Service - Sophos Plc - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

3.3K Posts

June 6th, 2007 14:00

You're right...I said Prevx when I meant Sophos. Your log looks fine. You're good to go...

7 Posts

June 6th, 2007 15:00

Thanks a lot