mjgreenley

How do I find what is causing my pop-ups?

I am fixing a friend of mine's mother's computer. I have already cleaned it pretty well and have got rid of a bunch of viruses, but she still has a lot of pop-ups that I can't get rid of, even using pop-up blockers. Also, Norton tells me that the machine is still infected with viruses... but does not give me any other information other than telling me that it's infected (no virus names or descriptions). I've already run Smitfraud and HijackThis. Here is the current HijackThis log file:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:52:54, on 6/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\iWin Games\iWinGamesInstaller.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMNET~1\SNDWarn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: eGames Toolbar - {4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} - C:\PROGRA~1\EGAMES~1\EGAMES~1.DLL
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKCU\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Mystery%20P.I.%20-%20The%20Vegas%20Heist/Images/stg_drm.ocx
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://chill.comcast.net/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iWinGamesInstaller - iWin Inc. - C:\Program Files\iWin Games\iWinGamesInstaller.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 4870 bytes


Any help is greatly appreciated. Thanks!!!
mjgreenley

ASKER

PS: the machine is a Dell Dimension running Windows XP Home; Service Pack 2; Pentium 4, 2.79 GHz; 2 GB RAM. Thanks!
SOLUTION
Mohamed Osama
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Thanks for the help so far everyone!
Here is the ComboFix log; and I will post the new Hijackthis log below as well. Thanks:


ComboFix 08-06-12.2 - Barbara Watson 2008-06-14  1:50:06.1 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1033.18.1569 [GMT -3:00]
Running from: C:\Documents and Settings\Barbara Watson\Desktop\ComboFix.exe
 * Created a new restore point

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\GamesBar\oberontb.dll
C:\Program Files\WinAntivirusPro3.8
C:\Program Files\WinAntivirusPro3.8\WinAntivirusPro.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\__c00D3B6C.exe
C:\WINDOWS\system32\__c00DB09A.exe
C:\WINDOWS\system32\akhuhjrf.dll
C:\WINDOWS\system32\awoerkuo.dll
C:\WINDOWS\system32\bjmuvvok.ini
C:\WINDOWS\system32\cboyvfni.dll
C:\WINDOWS\system32\csyepimh.ini
C:\WINDOWS\system32\dbkeugau.dll
C:\WINDOWS\system32\fijeubis.ini
C:\WINDOWS\system32\frjhuhka.ini
C:\WINDOWS\system32\gqwgpers.ini
C:\WINDOWS\system32\klbbsqyi.dll
C:\WINDOWS\system32\lnponnnn.ini
C:\WINDOWS\system32\lnponnnn.ini2
C:\WINDOWS\system32\mxggibem.dll
C:\WINDOWS\system32\nnnnopnl.dll
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\pllaujoi.dll
C:\WINDOWS\system32\qahwkljs.dll
C:\WINDOWS\system32\qiebdvej.ini
C:\WINDOWS\system32\qqpdvvgo.ini
C:\WINDOWS\system32\ssmoskdl.ini
C:\WINDOWS\system32\tbhyrdct.dll
C:\WINDOWS\system32\uaguekbd.ini
C:\WINDOWS\system32\uyqhpgsf.ini
C:\WINDOWS\system32\wcnpepeo.dll

.
(((((((((((((((((((((((((   Files Created from 2008-05-14 to 2008-06-14  )))))))))))))))))))))))))))))))
.

2008-06-13 00:16 . 2005-06-08 14:17      <DIR>      d--------      C:\Documents and Settings\Administrator\Application Data\Symantec
2008-06-13 00:16 . 2005-06-08 14:07      <DIR>      d--------      C:\Documents and Settings\Administrator\Application Data\Jasc Software Inc
2008-06-13 00:16 . 2005-06-08 14:06      <DIR>      d--h-----      C:\Documents and Settings\Administrator\Application Data\Gtek
2008-06-13 00:16 . 2008-06-13 00:16      <DIR>      d--------      C:\Documents and Settings\Administrator
2008-06-13 00:04 . 2008-06-13 00:19      922      --a------      C:\WINDOWS\system32\tmp.reg
2008-06-12 23:01 . 2008-06-12 23:01      <DIR>      d--------      C:\Program Files\Trend Micro
2008-06-10 19:48 . 2008-06-10 19:48      <DIR>      d--------      C:\Documents and Settings\Barbara Watson\Application Data\Uniblue
2008-06-10 19:47 . 2008-06-10 19:47      <DIR>      d--------      C:\Program Files\Uniblue
2008-06-04 23:04 . 2008-06-04 23:04      <DIR>      d--------      C:\Program Files\SymNetDrv
2008-06-04 22:53 . 2008-06-04 22:56      <DIR>      d--------      C:\Program Files\Norton Internet Security
2008-06-04 22:52 . 2003-08-15 18:22      83,208      --a------      C:\WINDOWS\system32\S32EVNT1.DLL
2008-06-04 22:52 . 2003-08-15 18:22      82,136      --a------      C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-06-04 22:51 . 2008-06-04 22:55      <DIR>      d--------      C:\Program Files\Symantec
2008-06-04 22:30 . 2000-03-23 12:50      446,464      -ra------      C:\WINDOWS\system32\hhactivex.dll
2008-06-04 22:30 . 1999-05-07 13:24      414,944      --a------      C:\WINDOWS\system32\COMCT332.OCX
2008-06-04 22:30 . 1998-11-10 10:46      328,480      --a------      C:\WINDOWS\system32\ssa3d30.ocx
2008-06-04 22:30 . 2002-01-08 17:00      176,128      --a------      C:\WINDOWS\system32\RcdScan.dll
2008-06-04 22:30 . 1998-09-24 12:03      171,967      --a------      C:\WINDOWS\system32\Odbcjet.hlp
2008-06-04 22:30 . 1998-06-17 23:00      89,360      --a------      C:\WINDOWS\system32\VB5DB.DLL
2008-06-04 22:30 . 2001-08-22 08:42      13,632      --a------      C:\WINDOWS\system32\drivers\omci.sys
2008-06-04 22:30 . 1998-09-24 12:03      7,348      --a------      C:\WINDOWS\system32\Odbcjet.cnt
2008-06-04 02:26 . 2004-08-03 22:58      14,848      --a------      C:\WINDOWS\system32\drivers\kbdhid.sys
2008-06-04 02:26 . 2004-08-03 22:58      14,848      --a------      C:\WINDOWS\system32\dllcache\kbdhid.sys
2008-06-04 02:25 . 2004-08-03 23:08      31,616      --a------      C:\WINDOWS\system32\drivers\usbccgp.sys
2008-06-04 02:25 . 2004-08-03 23:08      31,616      --a------      C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-06-04 02:25 . 2004-08-04 00:56      21,504      --a------      C:\WINDOWS\system32\hidserv.dll
2008-06-04 02:25 . 2004-08-04 00:56      21,504      --a------      C:\WINDOWS\system32\dllcache\hidserv.dll
2008-05-31 22:00 . 2008-05-31 22:04      <DIR>      d--------      C:\Documents and Settings\Barbara Watson\Application Data\EGAMESTOOLBAR
2008-05-31 21:30 . 2008-06-04 22:29      <DIR>      d--------      C:\Program Files\LiveAntispy
2008-05-29 16:21 . 2008-05-29 16:21      0      --a--c---      C:\4A.tmp
2008-05-29 16:20 . 2008-05-29 16:20      0      --a--c---      C:\49.tmp
2008-05-29 16:20 . 2008-05-29 16:20      0      --a--c---      C:\48.tmp
2008-05-29 16:20 . 2008-05-29 16:20      0      --a--c---      C:\47.tmp
2008-05-29 08:34 . 2008-05-29 20:28      34,037      --ahs----      C:\WINDOWS\system32\sxgoixed.ini
2008-05-28 08:29 . 2008-05-29 08:29      33,805      --ahs----      C:\WINDOWS\system32\cnyhmhbc.ini
2008-05-24 19:18 . 2008-05-24 19:18      <DIR>      d--------      C:\Documents and Settings\Barbara Watson\Application Data\Sudden Games
2008-05-18 11:20 . 2008-05-18 11:20      <DIR>      d--------      C:\Documents and Settings\Barbara Watson\Application Data\EleFun Games
2008-05-17 19:27 . 2008-05-17 19:27      1,409      --a------      C:\WINDOWS\system32\tmpE6BFA.FOT
2008-05-17 19:27 . 2008-05-17 19:27      1,409      --a------      C:\WINDOWS\system32\tmp9A9FA.FOT
2008-05-17 19:27 . 2008-05-17 19:27      1,409      --a------      C:\WINDOWS\system32\tmp48AFA.FOT
2008-05-17 19:27 . 2008-05-17 19:27      1,409      --a------      C:\WINDOWS\system32\tmp1EAFA.FOT
2008-05-16 22:48 . 2008-05-16 22:48      <DIR>      d--------      C:\Documents and Settings\All Users\Application Data\Astar Games
2008-05-16 22:45 . 2008-05-16 22:45      <DIR>      d--------      C:\Program Files\Laura Jones and the Gates of Good and Evil
2008-05-15 11:38 . 2008-05-31 22:03      <DIR>      d--------      C:\Program Files\egamestoolbar

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-14 04:50      ---------      d-----w      C:\Program Files\GamesBar
2008-06-14 04:47      ---------      d-----w      C:\Documents and Settings\All Users\Application Data\GamesBar
2008-06-13 01:44      ---------      d-----w      C:\Program Files\Common Files\Symantec Shared
2008-06-05 01:56      ---------      d-----w      C:\Documents and Settings\All Users\Application Data\Symantec
2008-06-05 01:30      ---------      d--h--w      C:\Program Files\InstallShield Installation Information
2008-06-01 21:03      ---------      d---a-w      C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-01 11:22      ---------      d-----w      C:\Program Files\iWin.com
2008-05-31 21:19      ---------      d-----w      C:\Documents and Settings\All Users\Application Data\Sandlot Games
2008-05-31 21:18      ---------      d-----w      C:\Program Files\Google
2008-05-23 14:41      ---------      d-----w      C:\Program Files\Chill
2008-05-18 01:47      ---------      d-----w      C:\Program Files\Games
2008-05-18 01:44      ---------      d-----w      C:\Documents and Settings\Barbara Watson\Application Data\SpinTop
2008-05-18 01:44      ---------      d-----w      C:\Documents and Settings\All Users\Application Data\SpinTop
2008-05-18 01:42      ---------      d-----w      C:\Program Files\GameHouse
2008-05-18 01:42      ---------      d-----w      C:\Program Files\AOL Games
2008-05-17 11:42      ---------      d-----w      C:\Documents and Settings\Barbara Watson\Application Data\PlayFirst
2008-05-17 11:42      ---------      d-----w      C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-05-14 21:29      ---------      d-----w      C:\Program Files\goodsol
2008-05-11 22:16      ---------      d-----w      C:\Documents and Settings\Barbara Watson\Application Data\GameHouse
2008-05-10 17:47      ---------      d-----w      C:\Program Files\Mystery Solitaire
2008-05-10 11:46      ---------      d-----w      C:\Documents and Settings\Barbara Watson\Application Data\Gaijin Ent
2008-05-06 13:02      ---------      d-----w      C:\Documents and Settings\Barbara Watson\Application Data\Oberon Media
2008-05-06 13:02      ---------      d-----w      C:\Documents and Settings\All Users\Application Data\Oberon Media
2008-05-03 23:42      ---------      d-----w      C:\Documents and Settings\Barbara Watson\Application Data\StoneLoopsIW
2008-05-03 13:21      ---------      d-----w      C:\Documents and Settings\Barbara Watson\Application Data\Big Fish Games
2008-05-03 12:55      ---------      d-----w      C:\Documents and Settings\Barbara Watson\Application Data\Legends of pirates
2008-05-03 12:20      ---------      d-----w      C:\Program Files\Pirateville
2008-05-03 00:57      ---------      d-----w      C:\Documents and Settings\Barbara Watson\Application Data\Valusoft
2008-05-03 00:57      ---------      d-----w      C:\Documents and Settings\All Users\Application Data\Valusoft
2008-05-02 14:09      ---------      d-----w      C:\Documents and Settings\Barbara Watson\Application Data\GamesCafe
2008-04-28 01:12      ---------      d-----w      C:\Documents and Settings\All Users\Application Data\EscapeTheMuseum
2008-04-27 00:33      ---------      d-----w      C:\Program Files\Little Shop of Treasures 2
2008-04-26 01:40      ---------      d-----w      C:\Program Files\Natalie Brooks Secrets Of Treasure House
2008-04-25 23:56      ---------      d-----w      C:\Program Files\The Hidden Object Show
2008-04-25 23:47      ---------      d-----w      C:\Documents and Settings\Barbara Watson\Application Data\Talkback
2008-04-22 19:52      ---------      d-----w      C:\Program Files\Jigsaw Adorable Animals 2
2008-04-22 19:47      ---------      d-----w      C:\Program Files\Jigsaw Beach Holiday
2008-04-22 11:13      ---------      d-----w      C:\Documents and Settings\Barbara Watson\Application Data\Friday's games
2008-04-20 02:16      ---------      d-----w      C:\Documents and Settings\Barbara Watson\Application Data\Yatec Games
2008-04-19 00:37      ---------      d-----w      C:\Program Files\Mystery P.I. - The Vegas Heist
2008-04-19 00:17      ---------      d-----w      C:\Program Files\Big City Adventure
2008-04-18 14:31      ---------      d-----w      C:\Program Files\Travelogue 360 - Paris
2008-04-14 19:20      ---------      d-----w      C:\Documents and Settings\Barbara Watson\Application Data\Magic Academy
2008-04-14 18:29      ---------      d-----w      C:\Documents and Settings\All Users\Application Data\NeptunesAdve
2008-04-14 16:12      ---------      d-----w      C:\Program Files\Mahjong Escape - Ancient China
2008-04-14 16:12      ---------      d-----w      C:\Documents and Settings\All Users\Application Data\JollyBear
2008-03-27 08:12      151,583      ----a-w      C:\WINDOWS\system32\msjint40.dll
2008-03-19 09:47      1,845,248      ----a-w      C:\WINDOWS\system32\win32k.sys
2007-08-16 11:00      26,578,096      ----a-w      C:\Program Files\avg75free_484a1100.exe
2007-05-25 00:02      532,480      ----a-w      C:\Program Files\cwshredder.exe
2007-05-25 00:01      1,308,216      ----a-w      C:\Program Files\HiJackThis_v2.exe
2005-12-23 20:20      774,144      ----a-w      C:\Program Files\RngInterstitial.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E}]
2008-05-31 22:03      1947136      --a------      C:\PROGRA~1\EGAMES~1\EGAMES~1.DLL

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8CA5ED52-F3FB-4414-A105-2E3491156990}]
2008-03-05 09:48      78848      --a------      C:\PROGRA~1\IWINGA~1\IWINGA~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E}"= "C:\PROGRA~1\EGAMES~1\EGAMES~1.DLL" [2008-05-31 22:03 1947136]

[HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-85b2-bc27fe9aae2e}]
[HKEY_CLASSES_ROOT\egamestoolbar.EGAMESTOOLBAR]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E}"= C:\PROGRA~1\EGAMES~1\EGAMES~1.DLL [2008-05-31 22:03 1947136]

[HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-85b2-bc27fe9aae2e}]
[HKEY_CLASSES_ROOT\egamestoolbar.EGAMESTOOLBAR]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52 218232]
"Uniblue SpeedUpMyPC"="" []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-03 22:12 221184]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" []
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-03-09 11:47 71328]
"URLLSTCK.exe"="C:\Program Files\Norton Internet Security\UrlLstCk.exe" [2003-10-22 09:42 70840]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\urqRHabC]
urqRHabC.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\__c00DB5A]
C:\WINDOWS\system32\__c00DB5A.dat

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MyWebSearch Email Plugin.lnk
backup=C:\WINDOWS\pss\MyWebSearch Email Plugin.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
backup=C:\WINDOWS\pss\QuickBooks Update Agent.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Barbara Watson^Start Menu^Programs^Startup^iWin Desktop Alerts.lnk]
path=C:\Documents and Settings\Barbara Watson\Start Menu\Programs\Startup\iWin Desktop Alerts.lnk
backup=C:\WINDOWS\pss\iWin Desktop Alerts.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Barbara Watson^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk]
path=C:\Documents and Settings\Barbara Watson\Start Menu\Programs\Startup\MyWebSearch Email Plugin.lnk
backup=C:\WINDOWS\pss\MyWebSearch Email Plugin.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Barbara Watson^Start Menu^Programs^Startup^Webshots.lnk]
path=C:\Documents and Settings\Barbara Watson\Start Menu\Programs\Startup\Webshots.lnk
backup=C:\WINDOWS\pss\Webshots.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\9c9a94d5]
C:\WINDOWS\system32\akhuhjrf.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\A00F190298F1.exe]
C:\DOCUME~1\BARBAR~1\LOCALS~1\Temp\_A00F190298F1.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
--a------ 2004-07-19 09:51 306688 C:\Program Files\Dell Support\DSAgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeviceDiscovery]
--a------ 2003-05-22 01:37 229437 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
C:\WINDOWS\system32\dla\tfswctrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
--a------ 2005-01-27 03:02 86016 C:\Program Files\Dell\Media Experience\DMXLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gcNotifier]
--a------ 2008-01-25 14:03 176128 C:\Documents and Settings\Barbara Watson\Local Settings\Application Data\VTShared\GCNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
--a------ 2003-10-23 19:51 233472 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2003-06-25 11:24 49152 C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
--a------ 2003-09-01 08:42 176128 C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
--a------ 2005-09-20 10:32 77824 C:\WINDOWS\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
--a------ 2005-09-20 10:36 114688 C:\WINDOWS\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
--a------ 2005-09-20 10:35 94208 C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ImInstaller_IncrediMail]
C:\DOCUME~1\BARBAR~1\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
--a------ 2004-07-27 18:50 81920 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
C:\PROGRA~1\Magentic\bin\Magentic.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
--a------ 2005-03-15 09:58 53248 C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
--a------ 2005-03-15 09:58 135168 C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar]
C:\PROGRA~1\MYWEBS~1\bar\2.bin\MWSBAR.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QBReminderFlash]
--a------ 2004-11-11 12:26 26112 C:\Program Files\Intuit\QuickBooks 2005\Atom\QBReminder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2005-06-08 14:12 98304 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SlipStream]
C:\Program Files\SlipStream Web Accelerator\slipcore.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
--a------ 2004-10-14 21:42 1404928 C:\Program Files\Analog Devices\Core\smax4pnp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TimeSink Ad Client]
C:\Program Files\TimeSink\AdGateway\TsAdBot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
C:\WINDOWS\system32\dumprep 0 -u

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherDPA]
C:\Program Files\Zango\bin\10.1.181.0\Weather.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinAntivirusPro]
C:\Program Files\WinAntivirusPro3.8\WinAntivirusPro.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows update loader]
C:\Windows\xpupdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
--a------ 2008-01-10 13:41 223984 C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZangoOE]
C:\Program Files\Zango\bin\10.1.181.0\OEAddOn.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZangoSA]
C:\Program Files\Zango\bin\10.1.181.0\ZangoSA.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

S3 NAL;Nal Service ;C:\WINDOWS\system32\Drivers\iqvw32.sys [2004-02-11 17:27]

.
Contents of the 'Scheduled Tasks' folder
"2008-06-05 02:03:45 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/task:
"2008-06-12 12:00:00 C:\WINDOWS\Tasks\rpc.job"
- C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe
"2008-06-14 05:02:11 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
"2008-06-10 22:48:08 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2008-06-10 22:48:06 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-14 01:57:28
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
C:\Program Files\Common Files\Symantec Shared\CCPROXY.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVSCAN.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-06-14  2:10:18 - machine was rebooted
ComboFix-quarantined-files.txt  2008-06-14 05:10:14

Pre-Run: 18,567,376,896 bytes free
Post-Run: 19,574,243,328 bytes free

313      --- E O F ---      2008-06-14 05:10:11



HIJACK THIS LOG:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:14:41, on 6/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMNET~1\SNDWarn.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\7215cdd2a5992ff3eb59bc846f07eb4e\update\update.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: eGames Toolbar - {4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} - C:\PROGRA~1\EGAMES~1\EGAMES~1.DLL
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\PROGRA~1\IWINGA~1\IWINGA~1.DLL
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O3 - Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: eGames Toolbar - {4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} - C:\PROGRA~1\EGAMES~1\EGAMES~1.DLL
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKCU\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
O20 - Winlogon Notify: urqRHabC - urqRHabC.dll (file missing)
O20 - Winlogon Notify: __c00DB5A - C:\WINDOWS\system32\__c00DB5A.dat (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 5069 bytes
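An added example, not part of any post in this thread: a small parser for the HijackThis log format shown above that groups entries by section code and lists the ones HijackThis itself marks as "(file missing)" or "(no file)". The sample lines are copied from the log above; the function names are assumptions made for this example.

```python
import re
from collections import Counter

# Constructed sample: lines copied from the HijackThis log posted above.
SAMPLE_LOG = r"""
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\PROGRA~1\IWINGA~1\IWINGA~1.DLL
O3 - Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O20 - Winlogon Notify: urqRHabC - urqRHabC.dll (file missing)
O20 - Winlogon Notify: __c00DB5A - C:\WINDOWS\system32\__c00DB5A.dat (file missing)
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\svchost.exe
"""

# A section entry is "<letter><1-2 digits> - <body>"; process paths and headers do not match.
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Markers HijackThis appends when the registry entry points at nothing on disk.
ORPHAN = re.compile(r"\((?:file missing|no file)\)\s*$")

def parse_log(text):
    """Return one dict per section entry; header and process lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        body = m.group("body")
        clsid = CLSID.search(body)
        entries.append({
            "code": m.group("code"),
            "body": body,
            "clsid": clsid.group(0) if clsid else None,
            "orphaned": bool(ORPHAN.search(body)),
        })
    return entries

def orphaned_entries(entries):
    """Entries whose target the log reports as absent from disk."""
    return [e for e in entries if e["orphaned"]]

def section_counts(entries):
    """Number of entries per section code (R3, O2, O20, ...)."""
    return Counter(e["code"] for e in entries)

if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    print(dict(section_counts(parsed)))
    for e in orphaned_entries(parsed):
        print("review:", e["code"], e["body"])
```

An orphaned entry only means the registry still references a file that is gone; it is a prompt for manual review, not a verdict on what created it.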
Oh ya...you have some infections for sure.

Egames, iwin, winantivirus, etc etc....you may try scanning with other programs as well.
As stated in my comments....one program does not take care of everything.  

Try some of the programs I suggested...if you need help finding them let me know...
Yeah this is actually my friend's mother's computer. She's not too savvy when it comes to knowing what's legit vs. what's not. I will definitely try running some of those other programs, Wakeup, as well as the combofix txt file from you, rpggamergirl, and let you know what happens. Thanks again for all of this help, I really appreciate it! I'll get back to ya's
Thanks for all of your help everyone! I've been sick, so sorry for the delay in communication. Your collaborative inputs cleared up all of my issues. I really appreciate it! And the owner is very happy!
Thanks again for all of your help! I tried to be as fair as possible with the points. Since rpggamergirl's solutions cleared up the majority of the problems, I gave her more points. Thanks!
Hey not a problem here!  RPGGamergirl is amazing at this stuff no doubt!
I know she has different methods than I do, but it's all good!
mjgreenley,
Hope you're feeling 100% recovered now.
Glad to know that her pc issues have been resolved.
You can then uninstall combofix please.
Go to Start > Run and copy and paste the next command in the field:

ComboFix /u

Thanks!

------------
WakeUp,
Thanks for the kind words.
It's good to have different approaches available for the Askers; in the end it's the teamwork/collaborative inputs that really count.
Amen!  I hold nothing against anyone!  no reason to...this is the internet!  I know your methods differ from my methods and I know your methods work!  so ain't no complaints here! :)