keldron Posted August 13, 2006

I have a huge problem. I left my house for a week (summer vacation) and my cousin was supposed to look after it. He has a 16-year-old son whom I granted permission to use my PC while I'm gone, and when I got back my PC had so much spyware and adware and god only knows what else that it took me a while to get rid of most of it... At the same time there is this one thing I can't get rid of for the life of me. From what I gathered it's some kind of spyware called Pest Trap. I ran Spybot Search and Destroy as well as Ad-Aware; they seem to detect the problem (I click the fix the problem option), but the problem shows up again after I restart my PC.

Here is my HijackThis log (maybe that will help):

Logfile of HijackThis v1.99.1
Scan saved at 11:55:15 AM, on 8/13/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
c:Program FilesCommon FilesSymantec SharedccSetMgr.exe
c:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSehomeehSched.exe
c:Program FilesNorton AntiVirusnavapsvc.exe
C:WINDOWSSystem32svchost.exe
c:Program FilesNorton AntiVirusSAVScan.exe
C:WINDOWSehomeehtray.exe
C:Program FilesJavaj2re1.4.2_03binjusched.exe
C:windowssystemhpsysdrv.exe
C:WINDOWSehomeehmsas.exe
C:Program FilesHPhpcoretechhpcmpmgr.exe
C:WINDOWSSystem32hphmon05.exe
C:HPKBDKBD.EXE
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:WINDOWSAGRSMMSG.exe
C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSALCWZRD.EXE
C:WINDOWSALCMTR.EXE
C:Program FilesCommon FilesAOL1140144820eeAOLSoftware.exe
C:Program FilesCommon FilesLogitechQCDriver2LVCOMS.EXE
C:Program FilesViewpointViewpoint ManagerViewMgr.exe
C:Program FilesMessengerMSMSGS.EXE
C:WINDOWSSystem32wuauclt.exe
C:Program FilesLogitechImageStudioLowLight.exe
C:Program FilesUpdates from HP137903ProgramBackWeb-137903.exe
C:Documents and SettingsAdministratorjrvkfgvj.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesAdobeAcrobat 7.0ReaderAcroRd32.exe
C:Documents and SettingsAdministratorDesktopdlHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sb/*http://www.yahoo.com/search/ie.html
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:Program FilesNorton AntiVirusNavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:program fileshpdigital imagingbinhpdtlk02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:Program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O4 - HKLM..Run: [ehTray] C:WINDOWSehomeehtray.exe
O4 - HKLM..Run: [sunJavaUpdateSched] C:Program FilesJavaj2re1.4.2_03binjusched.exe
O4 - HKLM..Run: [hpsysdrv] c:windowssystemhpsysdrv.exe
O4 - HKLM..Run: [HP Component Manager] "C:Program FilesHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [HPHUPD05] c:Program FilesHP{45B6180B-DCAB-4093-8EE8-6164457517F0}hphupd05.exe
O4 - HKLM..Run: [HPHmon05] C:WINDOWSSystem32hphmon05.exe
O4 - HKLM..Run: [KBD] C:HPKBDKBD.EXE
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [Recguard] C:WINDOWSSMINSTRECGUARD.EXE
O4 - HKLM..Run: [ccApp] "c:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM..Run: [PS2] C:WINDOWSsystem32ps2.exe
O4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [updateManager] "c:Program FilesCommon FilesSonicUpdate Managersgtray.exe" /r
O4 - HKLM..Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe /Consumer
O4 - HKLM..Run: [sSC_UserPrompt] C:Program FilesCommon FilesSymantec SharedSecurity CenterUsrPrmpt.exe
O4 - HKLM..Run: [HostManager] C:Program FilesCommon FilesAOL1140144820eeAOLSoftware.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [Adobe Photo Downloader] "C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe"
O4 - HKLM..Run: [LVCOMS] C:Program FilesCommon FilesLogitechQCDriver2LVCOMS.EXE
O4 - HKLM..Run: [LogitechGalleryRepair] C:Program FilesLogitechImageStudioISStart.exe
O4 - HKLM..Run: [LogitechImageStudioTray] C:Program FilesLogitechImageStudioLogiTray.exe
O4 - HKLM..Run: [iPHSend] C:Program FilesCommon FilesAOLIPHSendIPHSend.exe
O4 - HKLM..Run: [ViewMgr] C:Program FilesViewpointViewpoint ManagerViewMgr.exe
O4 - HKLM..Run: [bikini] bikini.exe
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengerMSMSGS.EXE" /background
O4 - HKCU..Run: [RealPlayer] "C:Program FilesRealRealOne Playerrealplay.exe" /RunUPGToolCommandReBoot
O4 - Startup: IMStart.lnk = C:Program FilesInterMuteIMStart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:Program FilesHPDigital Imagingbinhpqtra08.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:Program FilesQuickenbagent.exe
O4 - Global Startup: Updates from HP.lnk = C:Program FilesUpdates from HP137903ProgramBackWeb-137903.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MI1933~1OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2_03binnpjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2_03binnpjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MI1933~1OFFICE11REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengerMSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengerMSMSGS.EXE
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {88D8E8B7-A33B-4417-A385-8373484D43ED} (InstallHelper Class) - file://C:DOCUME~1ADMINI~1LOCALS~1TempThereInstallHelper.dll
O16 - DPF: {8B486EF6-6B2A-4A1E-BB0D-236CB2DBB8D2} (There Voice Trainer) - file://c:Program FilesThereThereClientThereVoiceTrainer.dll
O16 - DPF: {AAF421E6-7914-430A-9981-72B31AFF3BF4} (There Launcher) - file://c:Program FilesThereThereClientThereLauncher.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSSystem32Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:Program FilesNorton AntiVirusnavapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:Program FilesNorton AntiVirusSAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSecurity CenterSymWSC.exe

Any help regarding that matter would be greatly appreciated.
Thank you,
Sincerely,
Keldron
deven Posted August 13, 2006
http://www.spywareremove.com/removePestTrap.html good luck
dlewis23 Posted August 13, 2006
try ewido http://ewido.net
just- Posted August 13, 2006
adware http://www.lavasoftusa.com/software/adaware/
keldron (Author) Posted August 13, 2006
yay thx, I got rid of those pop-ups and now my computer is virus clean (or rather spyware / adware clean). thx a lot guys, your help is greatly appreciated *** hands cookies to all ***