Another Instant Access Problem

Hi

I also live in Ireland and have been plagued for the last month now with Instant Access pop ups, and when I delete them, they knock me out of explorer.

I have gone into add/remove programmes and removed them "“ I keep getting prompted to open the following, DialpassUninstall.EXE from scripts.download3v.com. This seems to work, but when I next go online it comes back again.

I still have dial up, as I’m in a part of Ireland that cannot get broadband yet, though this is coming next year "“ yes, I know, don’t laugh.

I see for other messages that NOAHDFEAR has been very helpful with this problem. However, when he asks others to download the registry search tool, they have to paste in a certain word. It doesn’t seem the same each time.

I have Ad-aware and Spybot and recently paid for NoAdaware, (and run each of these daily) but the problem never seems to go away totally.

I’m a bit of a novice, but am learning all the time.

Thanks to anyone who can offer any advice.

All the Best

David

 

Welcome to WindowsBBS David

Please download the List Installed Programs script from here, run it and post it's log. That will show us the name we need to look for.

Off to work. Will return this evening. Hang in there.

 

Thanks for coming back to me so quick, I tried to load this "“ it got as far as telling me it was an Installed programs.vbs by Bill James

I am just getting a prompt , as follows

Enter I.P. or name of computer to check for installed software (leave blank for local system)

- I have left this blank, but am getting an error message, telling me "library not registeredâ€.

I am on windows 98, by the way.

Thanks again for your help,

David

 

Please download the attached GetLog.zip file attached to this post. Save it to your desktop. If it saves as attachment.php, right click and rename to GetLog.zip You may need to enable viewing extensions for known file types to see the zip and bat extensions. To do that, open My Computer and click Tools on the menu, then folder options. Click the view tab of the window that opens and uncheck the box to Hide extensions...... and click OK. Now right click the zip and extract the GetLog.bat file to your desktop. Double click to run. It will create and open GetLog.txt. Please copy and post the contents.

Download HijackThis.exe from here. Save it to a permanent folder (I create a new folder in C:\ named HJT). Open and click scan, then save log. Once it is saved it will open in notepad. Select all from the edit button, copy and paste the results here. Don't fix anything with it yet!

 

Hi again.

I was able to extract the GetLog. bat file but the results wouldn’t open up in notepad for some reason. As it wasn’t much I just typed up the result as follows,


C:\WINDOWS\Desktop>reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" >>GetLog. Txt

Bad Command or File Name

C:\Windows\Desktop>
C:\Windows\Desktop>reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" >> GetLog. Txt

Bad Command or File Name

C:\Windows\Desktop>
C:\Windows\Desktop>
C:\Windows\Desktop> start notepad. exe. GetLog. txt

C:\Windows\Desktop>
C:\Windows\Desktop>



I had no problem with Hijack This and came up with the following. Looking forward to hearing from you, Dave.

David




Logfile of HijackThis v1.99.1
Scan saved at 12:42:06, on 29/03/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\STARTER.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\CARPSERV.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\EN-GB\MSNAPPAU.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\WINDOWS\SYSTEM\GQMWZADU.EXE
C:\PROGRAM FILES\AIM95\AIM.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE
C:\OPLIMIT\OCRAWARE.EXE
C:\OPLIMIT\OCRAWR32.EXE
C:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKJOBS.EXE
C:\PROGRAM FILES\NETZIP DOWNLOAD DEMON\NETZIP DOWNLOAD DEMON.EXE
C:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKTOPASS.EXE
C:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKSLAPI.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\WINWORD.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\POWERARCHIVER\POWERARC.EXE
C:\WINDOWS\SYSTEM\WINOA386.MOD
C:\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.iol.ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.iol.ie
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD.DLL
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-GB\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-GB\MSNTB.DLL
O3 - Toolbar: POPStopperIE.CToolbar - {4B7B69EB-A00F-4FCD-B601-ACCBB86ED528} - C:\PROGRAM FILES\POP-STOPPER-IE\POP-STOPPER-IE.DLL (file missing)
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.02.3000.1001\en-gb\msnappau.exe "
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe "
O4 - HKLM\..\Run: [gqmwzadu] c:\windows\system\gqmwzadu.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "c:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [POP-Stopper-IE] "C:\PROGRAM FILES\POP-STOPPER-IE\POP-STOPPER-IE.exe "
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE "
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1058.dll,InstantAccess
O4 - Startup: OCRAWARE.lnk = C:\OPLIMIT\OCRAWARE.EXE
O4 - Startup: PageKeeper Jobs.lnk = C:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
O4 - Startup: Download Demon.lnk = C:\Program Files\Netzip Download Demon\NETZIP DOWNLOAD DEMON.EXE
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/220dd051bebfc74f6705/netzip/RdxIE601.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup155.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} - http://akamai.downloadv3.com/binaries/EGDAccess/EGDACCESS_1058.cab
O16 - DPF: {31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} - http://akamai.downloadv3.com/binaries/IA/svcsysnet32_EN.cab

 

Well that'll teach me to write a batch file for 98 while working on an XP machine. I've replaced the attachment in my last post with a new one. Please delete the one previously downloaded, and the extracted file, redownload and try again. It will create a log in C: and open it. Feel free to delete after posting.

 

Thanks Dave, here it is



REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EnsoniqMixer "= "starter.exe "
"LoadQM "= "loadqm.exe "
"CARPService "= "carpserv.exe "
"msnappau "= "\ "c:\\program files\\MSN Apps\\Updater\\01.02.3000.1001\\en-gb\\msnappau.exe\" "
"AVG7_CC "= "C:\\PROGRA~1\\GRISOFT\\AVGFRE~1\\AVGCC.EXE /STARTUP "
"AVG7_EMC "= "C:\\PROGRA~1\\GRISOFT\\AVGFRE~1\\AVGEMC.EXE "
"AVG7_AMSVR "= "C:\\PROGRA~1\\GRISOFT\\AVGFRE~1\\AVGAMSVR.EXE "
"Zone Labs Client "= "\ "C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\" "
"gqmwzadu "= "c:\\windows\\system\\gqmwzadu.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed "= "1 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed "= "1 "
"NoChange "= "1 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed "= "1 "

 

Very odd. That log should be much larger. That happened to me a couple of times while working on the batch today, but after making a few adjustments it always worked properly. Just rebooted and logged onto 98 and it worked right too. Please run the bat file again. If it appears the same, open C: and delete the GetLog.txt file, then run it again.

I do have enough information to work up a fix, but really would like to see that log in it's entirety if possible. Gonna be offline for a few hours, and will post some steps for fixing later. Hang in there.

 

Open C: and create a new folder. Name it HJT and move HijackThis.exe to it.

Download the attached RemInstAcc.zip file. Rename if necessary. Extract the reg file to your desktop. Note to others.....the attachment was written specifically for this machine. Please do not use if you have zipzap popups too. Start your own thread and someone will gladly assist you.

Scan again with HijackThis and place a check next to the following entries. Close ALL other windows and click fix.

O3 - Toolbar: POPStopperIE.CToolbar - {4B7B69EB-A00F-4FCD-B601-ACCBB86ED528} - C:\PROGRAM FILES\POP-STOPPER-IE\POP-STOPPER-IE.DLL (file missing)
O4 - HKLM\..\Run: [gqmwzadu] c:\windows\system\gqmwzadu.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1058.dll,InstantAccess
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} - http://akamai.downloadv3.com/binari...ACCESS_1058.cab
O16 - DPF: {31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} - http://akamai.downloadv3.com/binari...sysnet32_EN.cab

Go to start>run and type msconfig, hit enter. On the General tab click the advanced button. Check the box to 'enable start menu' and OK out. Restart and choose safe mode.

You will need to show hidden files and folders.

Double click the RemInstAcc.reg file on your desktop. Allow it to merge into the registry.

Do a file search for EGDACCESS_1058.inf and EGDACCESS_1058.dll Delete if found.
Open C:\Temp (if present), select all and delete.
Open C:\Windows\Temp, select all and delete.
Open C:\Windows\Applog, select all and delete.
Open C:\Windows\system and delete the file gqmwzadu.exe.
Open the control panel, then internet options and delete the temporary internet files, checking the box for offline content.
Open My Computer and right click Local Disk C:, then choose disk cleanup. Check all boxes and click OK.
Uncheck the box to 'enable start menu' in msconfig and OK out. Reboot.

Back in Windows, run another HijackThis scan and post the log. Let us know if the popups have stopped.

 

Thanks again Dave.

I'm away from my own pc for the next three days, back on Saturday, when I'll be able to do this then.

Again, many thanks for your help. Do have a nice day,

all the best,

David

 

Dave

I did everything you asked and it looks like they have gone.

May I please take this opportunity to thank you sincerely for your help here.

David

 

That's great! Please post one more HijackThis log.

 

Dave, here it is,



Logfile of HijackThis v1.99.1
Scan saved at 10:01:54, on 03/04/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\STARTER.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\CARPSERV.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\EN-GB\MSNAPPAU.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\AIM95\AIM.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE
C:\OPLIMIT\OCRAWARE.EXE
C:\OPLIMIT\OCRAWR32.EXE
C:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKJOBS.EXE
C:\PROGRAM FILES\NETZIP DOWNLOAD DEMON\NETZIP DOWNLOAD DEMON.EXE
C:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKTOPASS.EXE
C:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKSLAPI.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\EXCEL.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.iol.ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.iol.ie
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD.DLL
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-GB\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-GB\MSNTB.DLL
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.02.3000.1001\en-gb\msnappau.exe "
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe "
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "c:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [POP-Stopper-IE] "C:\PROGRAM FILES\POP-STOPPER-IE\POP-STOPPER-IE.exe "
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE "
O4 - Startup: OCRAWARE.lnk = C:\OPLIMIT\OCRAWARE.EXE
O4 - Startup: PageKeeper Jobs.lnk = C:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
O4 - Startup: Download Demon.lnk = C:\Program Files\Netzip Download Demon\NETZIP DOWNLOAD DEMON.EXE
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/220dd051bebfc74f6705/netzip/RdxIE601.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup155.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab

 

Log looks clean, David. Forgot to mention, NoAdware (pre version 3) is a rogue antispyware app. http://www.spywarewarrior.com/rogue_anti-spyware.htm (see the note)

What version of Spybot do you have? If not 1.3, download it from my signature and install. Allow it to load SD Helper. Open it up and click mode on the toolbar, then advanced mode. Click immunize in the left pane, then immunize again, this time from above with the green + beside it (always recheck this setting after downloading updates). Click the link below that for SpywareBlaster, download, install, enable all protection and update. Check for updates regularly and watch for any protection being disabled. Then, still in Spybot, click tools button, then IE tweaks and at least lock the HOSTS file.
Then download IESpyad.exe, double click to extract (it extracts to C:\IESpyad by default), open the folder, double click the ie-ads.reg file and allow it to merge into the registry.

That will give you some added layers of protection against unwanted parasites.