off to do this now thanks so very much for all the help

first problem I encountered, when doing the first step in hijack this the following 2 lines were no where to be found to check, but I did the others

O4 - HKLM..\Run: [WildTangent CDA] “C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe” /startup “C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll”
O4 - HKLM..\Run: [tezchiby.exe] C:\Documents and Settings\All Users\Application Data\tezchiby.exe

otmove log file

DllUnregisterServer procedure not found in C:\WINDOWS\SYSTEM32\winhdn32.dll
C:\WINDOWS\SYSTEM32\winhdn32.dll NOT unregistered.
C:\WINDOWS\SYSTEM32\winhdn32.dll moved successfully.
File/Folder C:\WINDOWS\system32\ssqpn.dll not found.
File/Folder C:\WINDOWS\system32\qomlmmk.dll not found.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\yargjoli.dll
C:\WINDOWS\system32\yargjoli.dll NOT unregistered.
C:\WINDOWS\system32\yargjoli.dll moved successfully.
File/Folder C:\Documents and Settings\All Users\Application Data\tezchiby.exe not found.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\klvrpjnv.dll
C:\WINDOWS\system32\klvrpjnv.dll NOT unregistered.
C:\WINDOWS\system32\klvrpjnv.dll moved successfully.

Created on 06/03/2007 12:07:17

winspfind log file

[Registry - Non-Microsoft Only]
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Genuine not found.
File C:\WINDOWS\SYSTEM32\klvrpjnv.dll not found.
[Files/Folders - Created Within 30 days]
File C:\WINDOWS\SYSTEM32\klvrpjnv.dll not found!
C:\WINDOWS\SYSTEM32\pavas.ico moved successfully.
C:\WINDOWS\SYSTEM32\ttdhmkhq.exe moved successfully.
C:\WINDOWS\SYSTEM32\vnjprvlk.ini moved successfully.
File C:\WINDOWS\SYSTEM32\winhdn32.dll not found!
File C:\WINDOWS\SYSTEM32\yargjoli.dll not found!
C:\WINDOWS\EyeCand3.INI moved successfully.
C:\WINDOWS\FLASHKSK.INI moved successfully.
File C:\WINDOWS\SYSTEM32\klvrpjnv.dll not found!
File C:\WINDOWS\SYSTEM32\pavas.ico not found!
File C:\WINDOWS\SYSTEM32\ttdhmkhq.exe not found!
File C:\WINDOWS\SYSTEM32\vnjprvlk.ini not found!
File C:\WINDOWS\SYSTEM32\winhdn32.dll not found!
File C:\WINDOWS\SYSTEM32\yargjoli.dll not found!
[File String Scan - Non-Microsoft Only]
ADS C:\data1.cab:Zone.Identifier deleted successfully.
ADS C:\msgr75us.exe:Zone.Identifier deleted successfully.
ADS C:\YTunnelPro2.0Build376Setup.exe:Zone.Identifier deleted successfully.
C:\YTunnelPro2.0Build376Setup.exe moved successfully.
ADS C:\YTunnelPro2.5Build464Setup.exe:Zone.Identifier deleted successfully.
C:\YTunnelPro2.5Build464Setup.exe moved successfully.
ADS C:\WINDOWS\doublekiller.zip:Zone.Identifier deleted successfully.
ADS C:\WINDOWS\DS_manual.pdf:Zone.Identifier deleted successfully.
ADS C:\WINDOWS\iCF.exe:Zone.Identifier deleted successfully.
ADS C:\WINDOWS\PC_DAZStudio_1_3_0_1.exe:Zone.Identifier deleted successfully.
C:\WINDOWS\PC_DAZStudio_1_3_0_1.exe moved successfully.
ADS C:\WINDOWS\PC_DS_Base_All.exe:Zone.Identifier deleted successfully.
C:\WINDOWS\PC_DS_Base_All.exe moved successfully.
ADS C:\WINDOWS\ps_fr149_GirlHairConversion.exe:Zone.Identifier deleted successfully.
ADS C:\WINDOWS\ps_fr202_catwalk.exe:Zone.Identifier deleted successfully.
ADS C:\WINDOWS\ULTIMATE_PACK_for_WIN_95_98_ME_XP_NT_2000_–_WinACE_2[1].04__WinRAR.zip:Zone.Identifier deleted successfully.
ADS C:\WINDOWS\wrar36b3.exe:Zone.Identifier deleted successfully.
ADS C:\WINDOWS\SYSTEM32\4_DLLs_for_Plugins.zip:Zone.Identifier deleted successfully.
ADS C:\WINDOWS\SYSTEM32\icmfilter.dll:Zone.Identifier deleted successfully.
File C:\WINDOWS\SYSTEM32\klvrpjnv.dll not found!
ADS C:\WINDOWS\SYSTEM32\Msvcrt10.dll:Zone.Identifier deleted successfully.
ADS C:\WINDOWS\SYSTEM32\MSVCRT10.DLX:Zone.Identifier deleted successfully.
ADS C:\WINDOWS\SYSTEM32\plugin.dll:Zone.Identifier deleted successfully.
File C:\WINDOWS\SYSTEM32\winhdn32.dll not found!
File C:\WINDOWS\SYSTEM32\yargjoli.dll not found!
< End of log >
Created on 06/03/2007 12:11:25

Logfile of HijackThis v1.99.1 Scan saved at 12:12:10 PM, on 6/3/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fisher-Price\FP3 Player\sspnotifier.exe
C:\PROGRA~1\LEXMAR~2\LXBRKsk.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\notepad.exe
c:\Program Files\Microsoft Money\System\urlmap.exe
C:\Program Files\Hijackthis\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM..\Run: [CARPService] carpserv.exe
O4 - HKLM..\Run: [WCOLOREAL] “C:\Program Files\COMPAQ\Coloreal\coloreal.exe”
O4 - HKLM..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKLM..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe

O4 - HKLM\..\Run: [Lexmark X83 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SSP Notifier] C:\Program Files\Fisher-Price\FP3 Player\sspnotifier.exe O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe" O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~2\LXBRKsk.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\Money Express.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Simple Star PhotoShow Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\yahoomessenger.exe" -quiet O4 - HKCU\..\Run: [RogueMonitor] C:\Program Files\RogueRemover PRO\RogueRemoverPRO.exe /monitor O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ? O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Advisor - {676620E4-8A81-4B34-AB6F-18DD16EF59BF} - C:\Program Files\COMPAQ\Compaq Advisor\bin\rbaLauncher.exe (HKCU) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/download.html?f=windows/mrkt/rhapx/RhapsodyPlayerEngine_Inst_Win.cab O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) - http://download.games.yahoo.com/games/web_games/playfirst/trijinx/TriJinx.1.0.0.55.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.games.yahoo.com/games/web_games/gamehouse/frenzy/SproutLauncher.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing) O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

as for other issues, I really havent touched my pc since the beginning of this so all I’ve noticed is pop ups. I didn;t know what the issue was and didn’t want to make it worse or what not. So just alot of pop ups and they have slowed tremendously since the beginning of this issue.

The analysis of your HijackThis log seems ok… Although I’m not an expert on it…

Would concur with Tech your log appears clean, the missing lines and files are not a problem as I took a multi-kill approach to them

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

[*]Run AVG anti-Spyware.
[*]On the main screen select the icon “Update” then select the “Update now” link.[list]
[*]Next select the “Start Update” button, the update will start and a progress bar will show the updates being installed.

[*]Once the update has completed select the “Scanner” icon at the top of the screen, then select the “Settings” tab.
[*]Once in the Settings screen click on “Recommended actions” and then select “Quarantine”.
[*]Under “Reports”[list]
[*]Select “Automatically generate report after every scan”
[*]Un-Select “Only if threats were found”

Close AVG Anti-Spyware, Do Not run a scan just yet, we will shortly.[list=1]
[*]Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:
[*]Lauch AVG Anti-Spyware by double-clicking the icon on your desktop.
[*]Select the “Scanner” icon at the top and then the “Scan” tab then click on “Complete System Scan”.
[*]AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
Once the scan is complete do the following:
[*]If you have any infections you will prompted, then select “Apply all actions”
[*]Next select the “Reports” icon at the top.
[*]Select the “Save report as” button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
[*]Close AVG Anti-Spyware and reboot your system back into Normal Mode and post the results of the AVG Anti-Spyware report scan.

Could you also update me on how your system is running now
[/list][/list]

I will do the above but it seems to be good, no pop ups so far. I’ll do the rest but I greatly appreciate all the help for you guys! You rock. thank you so much!!

Can I remove the following from my pc??

smitfraud
winpfind3u
otmoveit
rogueremover
hijackthis

rather what should I remove and what should I keep for future use?

Hijackthis is a useful general tool to keep, it uses no resources (only a little HDD space) unless you are using it.

The others are frequently updated so keeping them may not be as worthwhile as you would want the latest versions of them, though, again they don’t use resources or take up much space.

smitfraud
winpfind3u
otmoveit

No, keep it for future use 8)

The one reason I like OTMoveit
Double click OTMoveIt once again and you should see a CleanUp! button, press that button, you may get prompt by your firewall that OTMoveIt wants to contact internet, allow this, a cleanup.txt will be downloaded, a message dialog will ask you if you want to proceed with the cleanup process, click Yes. This will delete all the tools you have downloaded plus itself

Now to get you off to a good start we will re-set your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your your restore point but this is my method:

1. Select Start > All Programs > Accessories > System tools > System Restore.
2. On the dialogue box that appears select Create a Restore Point
3. Click NEXT
4. Enter a name e.g. Clean
5. Click CREATE

You now have a clean restore point, to get rid of the bad ones:

1. Select Start > All Programs > Accessories > System tools > Disk Cleanup.
2. In the Drop down box that appears select your main drive e.g. C
3. Click OK
4. The System will do some calculation and the display a dialogue box with TABS
5. Select the More Options Tab.
6. At the bottom will be a system restore box with a CLEANUP button click this
7. Accept the Warning and select OK again, the program will close and you are done