Your system is loaded with malware. No wonder, you don’t have ALL security patches/updates installed. You don’t have a firewall, unless you are using a router with hardware firewall.

Here is the result of my HJT log analyzer:


ANALYZER INFORMATION

Log created on : 10-09-2004 12:11:47
Analyzer version : 7
bad.dat version : 20
good.dat version : 22
rec.dat version : 15
dasb.dat version : 4
sus.dat version : 5


CHECKING HIJACKTHIS AND INTERNET EXPLORER :

You are using the latest version of HijackThis.
Old version of Internet Explorer detected, please update.
INMEDIATLY visit http://windowsupdate.microsoft.com and install ALL security patches/updates.


THESE ITEMS ARE HARMFULL AND SHOULD BE FIXED/REMOVED :

\windows\system32\p2p networking\p2p networking.exe
\program files\windows syncroad\syncroad.exe
\program files\windows syncroad\winsync.exe
\program files\common files\wintools\wtoolsa.exe
\windows\system32?ervices.exe
\program files\common files\wintools\wtoolss.exe
\program files\common files\wintools\wsup.exe
r1 - hkcu\software\microsoft\internet explorer\main,search bar = http://www.websearch.com/ie.aspx?tb_id=50141
r1 - hkcu\software\microsoft\internet explorer\main,search page = res://c:\windows\qofsk.dll/sp.html#28129
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = about:blank
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = res://c:\windows\qofsk.dll/sp.html#28129
r1 - hklm\software\microsoft\internet explorer\main,searchassistant = http://www.websearch.com/ie.aspx?tb_id=50141
r1 - hklm\software\microsoft\internet explorer\main,customizesearch = res://c:\progra~1\toolbar\toolbar.dll/sa
r1 - hklm\software\microsoft\internet explorer\main,search page = res://c:\windows\qofsk.dll/sp.html#28129
r1 - hkcu\software\microsoft\internet explorer\search,searchassistant = res://c:\windows\qofsk.dll/sp.html#28129
r0 - hklm\software\microsoft\internet explorer\search,searchassistant = http://www.websearch.com/ie.aspx?tb_id=50141
r0 - hklm\software\microsoft\internet explorer\search,customizesearch = res://c:\progra~1\toolbar\toolbar.dll/sa
r1 - hkcu\software\microsoft\internet explorer\searchurl,(default) = about:blank
r1 - hklm\software\microsoft\internet explorer\searchurl,(default) = about:blank
r1 - hkcu\software\microsoft\internet explorer\main,start page_bak = about:blank
r1 - hkcu\software\microsoft\internet explorer\main,window title = master
o2 - bho: (no name) - {87766247-311c-43b4-8499-3d5fec94a183} - c:\progra~1\common~1\wintools\wtoolsb.dll
o4 - hklm..\run: [jarhmfyg] c:\windows\system32\guirnbsc.exe
o4 - hklm..\run: [microsoft update] usfgkjm.exe
o4 - hklm..\run: [microsoft update machine] winregs32.exe
o4 - hklm..\run: [kazaa download accelerator updater] regsvr32 /s c:\windows\system32\kdpupd.dll
o4 - hklm..\run: [p2p networking] c:\windows\system32\p2p networking\p2p networking.exe /autostart
o4 - hklm..\run: [webcpr0] “c:\program files\web_cpr\webcpr0.exe”
o4 - hklm..\run: [windows syncroad] c:\program files\windows syncroad\syncroad.exe
o4 - hklm..\run: [tbps] c:\progra~1\toolbar\tbps.exe
o4 - hklm..\run: [wintools] c:\program files\common files\wintools\wtoolsa.exe
o4 - hklm..\runservices: [microsoft update] usfgkjm.exe
o4 - hklm..\runservices: [microsoft update machine] winregs32.exe
o4 - hkcu..\run: [microsoft update machine] winregs32.exe
o4 - hkcu..\run: [microsoft update] usfgkjm.exe
o4 - hkcu..\run: [orae] c:\documents and settings\master\application data\dpso.exe
o4 - hkcu..\run: [zadblguk] c:\windows\system32?ervices.exe
o10 - broken internet access because of lsp provider ‘c:\windows\system32\lspak.dll’ missing
o15 - trusted zone: *.05p.com
o15 - trusted zone: *.scoobidoo.com
o15 - trusted zone: *.searchmiracle.com
o16 - dpf: {0191abf4-9421-435e-9ffd-cd827a2a82d8} (sbitax7ctrl class) -
o16 - dpf: {10000000-1000-0000-1000-000000000000} - file://c:\program files\internet explorer\jbefpvol.exe
o16 - dpf: {15ad4789-cdb4-47e1-a9da-992ee8e6bad6} - http://public.windupdates.com/get_file.php?bt=ie&p=12bc0279316c83e57f7224c7f7bf932b7af8f43d12511b497b7c9e115538c441be3a7110261cce156bdb84228ae501546245582a:8e80568eb307a70b2e6d49c52797e0c4
o16 - dpf: {1d6711c8-7154-40bb-8380-3dea45b69cbf} (web p2p installer) -
o16 - dpf: {386a771c-e96a-421f-8ba7-32f1b706892f} -
o16 - dpf: {706f3805-27d7-478d-80e5-e25d2bb030b3} (vacpro.internazionale_ver3) - http://www.advnt01.com/dialer/internazionale_ver3.cab
o16 - dpf: {9eb320ce-be1d-4304-a081-4b4665414bef} -
o16 - dpf: {b3872502-f9fd-4e96-93ff-0d37298f0689} (soesysinfo control) - http://swgbetareg.station.sony.com/soesysinfo.cab
o16 - dpf: {db893839-10f0-4af9-92fa-b23528f530af} - http://deposito.hostance.net/dialer/506774.exe
o16 - dpf: {ddffa75a-e81d-4454-89fc-b9fd0631e726} - http://www.bundleware.com/activex/bm2/bm2.cab


HARMFULL ITEMS IN THE DOCUMENTS AND SETTINGS FOLDER(S) :

\documents and settings\master\application data\dpso.exe
o4 - hkcu..\run: [orae] c:\documents and settings\master\application data\dpso.exe


THE FOLLOWING ITEMS ARE NOT NEEDED FOR THE SYSTEM TO WORK
PROPERLY. WE RECOMMEND THEM TO BE REMOVED FROM STARTUP :

o4 - global startup: microsoft office.lnk = c:\program files\microsoft office\office10\osa.exe

And you can find the result of the online analyzer HERE