I'm running windows ME and am not sure what is good and bad. Please advise.
Thanks in advance. It's good to know that for every ####er out there that wants to screw you over there are people there willing to help. Here is the log.

Logfile of HijackThis v1.99.0
Scan saved at 5:58:46 PM, on 12/21/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\TABLET.EXE
C:\PROGRAM FILES\F-SECURE\COMMON\FSMA32.EXE
C:\PROGRAM FILES\COMCAST\SECURITY MANAGER\APP\AUTHSL.EXE
C:\PROGRAM FILES\F-SECURE\COMMON\FSMB32.EXE
C:\PROGRAM FILES\F-SECURE\COMMON\FCH32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\GWMDMMSG.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\HPZTSB06.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\F-SECURE\COMMON\FSM32.EXE
C:\WINDOWS\TEMP\F343.TMP.EXE
C:\PROGRAM FILES\COMCAST\SECURITY MANAGER\APP\PRISM.EXE
C:\PROGRAM FILES\F-SECURE\COMMON\FNRB32.EXE
C:\PROGRAM FILES\F-SECURE\COMMON\FAMEH32.EXE
C:\PROGRAM FILES\F-SECURE\BACKWEB\7681197\PROGRAM\BACKWEB-7681197.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\PROGRAM FILES\F-SECURE\COMMON\FSGK32.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\PROGRAM FILES\F-SECURE\COMMON\FIH32.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\PROGRAM FILES\F-SECURE\ANTI-VIRUS\FSAV32.EXE
C:\COREL\GRAPHICS8\PROGRAMS\MFINDEXER.EXE
C:\VSTASCAN\VSACCESS.EXE
C:\PROGRAM FILES\SONY HANDHELD\HOTSYNC.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\kpiho.dll/sp.html#93256
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\kpiho.dll/sp.html#93256
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\kpiho.dll/sp.html#93256
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\kpiho.dll/sp.html#93256
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {069149E3-74E2-05DC-C3E8-CB7EA196605E} - C:\WINDOWS\SYSTEM\CRIU32.DLL
O2 - BHO: (no name) - {E434D3C7-A673-4100-8140-79C020945017} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: (no name) - {53829F91-1B06-4DB9-B13E-812A986169F9} - (no file)
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [OEMRUNONCE] c:\windows\options\cabs\oemrun.exe
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Gateway Ink Monitor] C:\Program Files\Gateway\Gateway Ink Monitor\InkMonitor.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb06.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [Prein] C:\WINDOWS\TEMP\APP5160.TMP
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [vm4i36g] MTXNU.EXE
O4 - HKLM\..\Run: [F343.TMP] C:\WINDOWS\TEMP\F343.TMP.exe 0 10001
O4 - HKLM\..\Run: [F343.TMP.EXE] C:\WINDOWS\TEMP\F343.TMP.EXE 0 10001
O4 - HKLM\..\Run: [Security Manager] C:\Program Files\Comcast\Security Manager\app\SecurityManager.exe
O4 - HKLM\..\Run: [SDKPT32.EXE] C:\WINDOWS\SYSTEM\SDKPT32.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [Tablet] C:\WINDOWS\SYSTEM\Tablet.exe
O4 - HKLM\..\RunServices: [fsaa] C:\Program Files\F-Secure\Common\fsaa.exe
O4 - HKLM\..\RunServices: [F-Secure Management Agent] C:\Program Files\F-Secure\Common\FSMA32.EXE
O4 - HKLM\..\RunServices: [CurtainsSysSvc] C:\Program Files\Comcast\Security Manager\app\AuthSL.exe
O4 - HKLM\..\RunServices: [MSKR.EXE] C:\WINDOWS\SYSTEM\MSKR.EXE
O4 - HKLM\..\RunServices: [NTQJ.EXE] C:\WINDOWS\NTQJ.EXE
O4 - HKLM\..\RunServices: [D3BX.EXE] C:\WINDOWS\SYSTEM\D3BX.EXE
O4 - HKCU\..\Run: [eDvsRWMpU] SHFHELP.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\winzip\WZQKPICK.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Corel\Graphics8\Programs\MFIndexer.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: UMAX VistaAccess.lnk = C:\VSTASCAN\vsaccess.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
O4 - Global Startup: FS BackWeb.lnk = C:\Program Files\F-Secure\BackWeb\7681197\Program\backWeb-7681197.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O14 - IERESET.INF: START_PAGE_URL=http://gateway.yahoo.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.awmdabest.com
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.05p.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.scoobidoo.com (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.awmdabest.com (HKLM)
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted Zone: *.static.topconverting.com (HKLM)
O15 - Trusted IP range: 206.161.125.149
O15 - Trusted IP range: 206.161.125.149 (HKLM)

thanks again in advance.

Would you please post this in the HJT forum area. It will get done there. Hijackthis members dont do logs here.

Thanks

Oops, sorry bout that. thanks.