help - Windows\System32\shdoclc.dll/dnserror.htm

it says lease obtiained 16 sep expires 17 sep - make sense?

Mines same.

Logfile of HijackThis v1.97.7
Scan saved at 22:08:05, on 09/16/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\program files\altnet\points manager\points manager.exe
C:\WINDOWS\System32\S3hotkey.exe
C:\WINDOWS\System32\hnbqrou.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\WINDOWS\System32\regscan32.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\WINDOWS\System32\wuamgrd.exe
C:\Program Files\Save\Save.exe
C:\WINDOWS\System32\mswinvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\WINDOWS\system32\svphost.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\Altnet\DOWNLO~1\asm.exe
C:\Program Files\BearShare\BearShare.exe
C:\Program Files\BearShare\BearShare.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUMENTS AND SETTINGS\GRAEME\DESKTOP\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=webcache.blueyonder.co.uk:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.*;localhost;127.0.0.1;*.blueyonder.co.uk
R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
O2 - BHO: (no name) - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINDOWS\localNRD.dll
O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: (no name) - {2E65A557-173C-4DE9-860B-28FC5CACA542} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Setup\Setup.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6BD83459-CF60-79C2-860F-65557BA97536} - (no file)
O2 - BHO: (no name) - {8C1D3E50-F032-45D1-98ED-83CCB1F6A51F} - C:\WINDOWS\System32\ipv6mqon.dll
O2 - BHO: (no name) - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: SuperBar - {21BB2BD4-DA44-4C6D-B8A0-2196C4582502} - C:\Program Files\_SUPERBAR\_SUPERBAR.dll
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [S3hotkey] S3hotkey.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [jkaqfotze] C:\WINDOWS\System32\hnbqrou.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [Windows Registry Scan] regscan32.exe
O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [Microsoft Update Machine] wuamgrd.exe
O4 - HKLM\..\Run: [PCDRealtime] C:\WINDOWS\realtime.exe
O4 - HKLM\..\Run: [WhenUSave] C:\Program Files\Save\Save.exe
O4 - HKLM\..\Run: [Remote Procedure Call] mswinvc.exe
O4 - HKLM\..\RunServices: [Microsoft Update Emulator] wuaddsff.exe
O4 - HKLM\..\RunServices: [ATI VIDEO REGKEY] ati2vid.exe
O4 - HKLM\..\RunServices: [Windows Registry Scan] regscan32.exe
O4 - HKLM\..\RunServices: [Win32 Configuration] videosd32.exe
O4 - HKLM\..\RunServices: [Print Spooler] spools.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] wuamgrd.exe
O4 - HKLM\..\RunServices: [Remote Procedure Call] mswinvc.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [svphost.exe] C:\WINDOWS\system32\svphost.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft Update Machine] wuamgrd.exe
O4 - HKCU\..\Run: [Remote Procedure Call] mswinvc.exe
O4 - HKCU\..\RunServices: [Remote Procedure Call] mswinvc.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: LimeShop Preferences - file://C:\Program Files\LimeShop\System\Temp\limeshop_script0.htm
O9 - Extra button: SideFind (HKLM)
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/1553e843177 ... xIE601.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - http://www.mt-download.com/MediaTicketsInstaller.cab
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - http://www.stopzilla.com/_download/Auto ... dwnldr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shoc ... wflash.cab
O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B23E0CC} - http://direct.data-line.us/gbn298.exe

Hello pinhead.

Download the latest Version of Hijack This
http://tomcoyote.com/hjt/
http://www.majorgeeks.com/download3155.html

Also, create a new folder in a convienent location and place Hijack this in that folder. HIjack This needs to be in a separte folder so that backup files it makes do not get scattered all over your desktop.
A separate folder on the desktop is fine.

Next, please uninstall Bearshare, kazaa, or any other questionable p2p clients you might have. These are known to be packaged with spyware. Also, unistall SuperBar. If you can't do it through add/remove programs, please go here for manual removal instructions:
http://www.pestpatrol.com/PestInfo/S/SuperBar.asp
Lime shop is another problem program which should be removed.

Next, visit Trend Micro's HouseCall.
Select your location and click Go. Select the Autoclean option.

Reboot, run your new version of hijack this, click scan, save the log, post the new log.