Hi everybody, my computer has got some sort of virus on it, 'bloodhound' as described by Norton. My web homepage is also hijacked to 'about:blank' and my computer is persistently trying to connect to the web. Anyway, having done a bit of research I have learned a little about what's going on. I downloaded 'hijack this', ran it and saved the log, which is as follows:

Logfile of HijackThis v1.99.1
Scan saved at 20:16:52, on 02/07/05
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\PRINTRAY.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\TEMP\CE.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/spage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.eircom.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/spage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.iolfree.ie:8080
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: (no name) - {DC695201-E8FD-11D9-ACC4-FB440F46C859} - C:\WINDOWS\SYSTEM\DIKB.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [LexStart] LexStart.EXE
O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Ce] C:\WINDOWS\TEMP\CE.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [sp] rundll32 C:\WINDOWS\TEMP\SE.DLL,DllInstall
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - User Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Open Picture in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~2\OFFICE\1033\PHDINTL.DLL/phdContext.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O14 - IERESET.INF: START_PAGE_URL=http://www.eircom.net
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = eircom.net
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 159.134.237.6,159.134.248.17
O18 - Filter: text/html - {DC695200-E8FD-11D9-ACC4-FB44600A6DC2} - C:\WINDOWS\SYSTEM\DIKB.DLL
O18 - Filter: text/plain - {DC695200-E8FD-11D9-ACC4-FB44600A6DC2} - C:\WINDOWS\SYSTEM\DIKB.DLL
O21 - SSODL: OLE Automation Module - {3F143C3A-1457-6CCA-03A7-7AA23B61E40F} - (no file)

Could anybody tell me which files to delete to solve my problem?? I took a shot in the dark already by deleting any files that made reference to 'about:blank' but they seemed to reappear straight away when I repeated the scan. Will this also solve my bloodhound problem?? Norton won't run properly anymore, probably thanks to the virus interfering. All suggestions appreciated, Mike
Thanks mozo1 for the reply. I forgot to mention that I am extremely ignorant in this world of computers! What is NOD32??
http://www.nod32.com/home/home.htm If you need it, and you cannot "buy" it, PM me with your E-mail address!
Also try and get your hands on CCleaner and Registry Mechanic. CCleaner is free and very good at cleaning your Windows system. Registry Mechanic is very good at repairing errors caused by malicious software, trojans and viruses but is not free.
ccleaner http://www.ccleaner.com/
cwshredder http://www.intermute.com/products/cwshredder.html
ad-aware se http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10319876.html?tag=lst-0-1
spybot s&d http://www.majorgeeks.com/download2471.html

download, update & run in safemode for the above in this order

online virus scan http://housecall.trendmicro.com/housecall/start_corp.asp
Also, you might wanna try out these programs to scan/prevent any more browser-hijackers/spyware/adware...

Microsoft AntiSpyware http://www.microsoft.com/downloads/...a2-6a57-4c57-a8bd-dbf62eda9671&displaylang=en

Bazooka Adware and Spyware Scanner: http://www.download.com/Bazooka-Adware-and-Spyware-Scanner/3000-8022_4-10377953.html?tag=lst-0-22
Bazooka can help you detect hard to find adware/spyware components that the big name (Ad-Aware/Spybot/Spy Sweeper, etc.) might miss. It only detects and won't remove anything. There are online instructions for you to follow in the event it does detect something.

Spyware Doctor: http://www.download.com/Spyware-Doctor/3000-8022_4-10377263.html
Really good, but the real-time monitor is disabled unless you pay for that part. The scanner is pretty good and very fast...

Spyware Blaster: http://javacoolsoftware.com/spywareblaster.html
Prevents spyware/browser helper objects from downloading/installing on to your comp, especially for IE

Spyware Guard: http://javacoolsoftware.com/spywareguard.html
This tool is helpful if you use IE as your main browser. This will alert you if there are browser helper objects being installed onto IE and will alert you if your homepage is being modified or not...

Win Patrol: http://winpatrol.com/
Useful in helping you manage your start-up entries (some spyware infest this area a lot), determine what exactly is running in memory (processes), what BHOs you have, monitoring file types, and again... watches over your browser, too....