Everything here, Virus, Spyware and Browser Hijack

#1 | anadora (D-A-L Newbie, joined Apr 2005, 1 post) | 25-04-2005, 09:27 AM

I am trying to help a young friend clean up her computer. I get rid of one thing and something else pops up. I probably have too many spyware removers downloaded but feel kind of desperate, as the viruses pop up faster than I can delete them. I cannot even do Windows Update because I get a message that, because of the security settings, ActiveX controls cannot be run on the page, but each time I reset the security panel to custom etc. as advised by Microsoft, they revert to the original. I even installed AOL hoping it would let me install security updates but get the same error message.
Any help would be appreciated. Here is the hijack log:
Logfile of HijackThis v1.99.1
Scan saved at 3:08:48 AM, on 4/25/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\fteqfpu\xxpwax.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\uixs\mvoaqe.exe
C:\WINDOWS\System32\stuvqu\jwpll.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDTServ.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\boavqidw\gohn.exe
C:\WINDOWS\System32\bipwbp\rbbrtd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\ntvdm.exe
C:\PROGRA~1\AMERIC~1.0\aoltray.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\America Online 7.0\waol.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\dbkimg.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\dbkimg.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\dbkimg.exe
C:\WINDOWS\System32\nsvsvc\nsvsvc.exe
C:\Documents and Settings\Owner\Desktop\hijackthis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
O1 - Hosts: 216.39.69.102 view.atdmt.com
O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe
O4 - HKLM\..\Run: [rsbhrd] C:\WINDOWS\System32\mrtt\rsbhrd.exe
O4 - HKLM\..\Run: [oxsklwfk] C:\WINDOWS\System32\ndbgmcv\oxsklwfk.exe
O4 - HKLM\..\Run: [rimbs] C:\WINDOWS\System32\ppnek\rimbs.exe
O4 - HKLM\..\Run: [PSoft1] C:\WINDOWS\System32\psoft1.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [mvoaqe] C:\WINDOWS\System32\uixs\mvoaqe.exe
O4 - HKLM\..\Run: [qjabunbs] C:\WINDOWS\System32\lyvun\qjabunbs.exe
O4 - HKLM\..\Run: [vdve] C:\WINDOWS\System32\cbfqcgv\vdve.exe
O4 - HKLM\..\Run: [qngpde] C:\WINDOWS\System32\tayp\qngpde.exe
O4 - HKLM\..\Run: [ocyq] C:\WINDOWS\System32\onyumcnf\ocyq.exe
O4 - HKLM\..\Run: [guxji] C:\WINDOWS\System32\rakdyu\guxji.exe
O4 - HKLM\..\Run: [gohn] C:\WINDOWS\System32\boavqidw\gohn.exe
O4 - HKLM\..\Run: [rbbrtd] C:\WINDOWS\System32\bipwbp\rbbrtd.exe
O4 - HKLM\..\Run: [jwpll] C:\WINDOWS\System32\stuvqu\jwpll.exe
O4 - HKLM\..\Run: [xxpwax] C:\WINDOWS\System32\fteqfpu\xxpwax.exe
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDTServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [version] C:\WINDOWS\System32\dbkimg.exe
O4 - HKLM\..\Run: [hshnin] C:\DOCUME~1\Owner\LOCALS~1\Temp\fyobrb.exe
O4 - HKLM\..\Run: [Nsv] C:\WINDOWS\System32\nsvsvc\nsvsvc.exe
O4 - HKLM\..\RunOnce: [CounterSpyCleaner] C:\Program Files\Sunbelt Software\CounterSpy Client\sunASCleaner.exe
O4 - Global Startup: America Online 7.0 Tray Icon.lnk = C:\Program Files\America Online 7.0\aoltray.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .au: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.yaho...bio5_1_2_0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{849CE8B4-2CC1-4853-9392-36D69651785E}: NameServer = 205.188.146.145
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: gohnboavqidw - Unknown owner - C:\WINDOWS\System32\boavqidw\gohn.exe
O23 - Service: oxsklwfkndbgmcv - Unknown owner - C:\WINDOWS\System32\ndbgmcv\oxsklwfk.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe
O23 - Service: qngpdetayp - Unknown owner - C:\WINDOWS\System32\tayp\qngpde.exe
O23 - Service: rbbrtdbipwbp - Unknown owner - C:\WINDOWS\System32\bipwbp\rbbrtd.exe
O23 - Service: rsbhrdmrtt - Unknown owner - C:\WINDOWS\System32\mrtt\rsbhrd.exe
O23 - Service: vdvecbfqcgv - Unknown owner - C:\WINDOWS\System32\cbfqcgv\vdve.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
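A triage pass over a log like the one in post #1, as an added example that is not part of the original thread or of HijackThis itself: it parses the `Xn - ...` entry lines and attaches review hints to them. The sample lines are copied from that log; the function names, hint labels and the three heuristics (registered object with no file, start from a Temp directory, service whose vendor field reads `Unknown owner`) are assumptions chosen for illustration, meant to order a reviewer's attention rather than to classify entries.

```python
import re

# Entry lines copied from the HijackThis log in post #1 above.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - (no file)
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [hshnin] C:\DOCUME~1\Owner\LOCALS~1\Temp\fyobrb.exe
O4 - HKLM\..\Run: [gohn] C:\WINDOWS\System32\boavqidw\gohn.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: gohnboavqidw - Unknown owner - C:\WINDOWS\System32\boavqidw\gohn.exe
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")           # e.g. "O4 - ..."
BINARY = re.compile(r"[A-Za-z]:\\.*?\.(?:exe|dll)", re.I)  # first binary path

def parse(log):
    """Return (section, body, binary_path_or_None) for every entry line."""
    entries = []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            path = BINARY.search(m.group(2))
            entries.append((m.group(1), m.group(2), path.group(0) if path else None))
    return entries

def triage(log):
    """Attach review hints (assumed heuristics, not verdicts) to entries."""
    entries = parse(log)
    # Binaries behind O23 services whose vendor field reads "Unknown owner".
    unknown = {p.lower() for s, b, p in entries
               if s == "O23" and p and " - Unknown owner - " in b}
    findings = []
    for section, body, path in entries:
        hints = []
        if body.endswith("(no file)"):
            hints.append("registered-but-no-file")
        if path and "\\temp\\" in path.lower():
            hints.append("starts-from-temp-dir")
        if path and path.lower() in unknown:
            hints.append("unknown-owner-service" if section == "O23"
                         else "same-binary-as-unknown-owner-service")
        if hints:
            findings.append((section, path, hints))
    return findings

if __name__ == "__main__":
    for section, path, hints in triage(SAMPLE_LOG):
        print(section, path or "-", ", ".join(hints))
```

The cross-reference between `O4` and `O23` is the useful part: a binary that starts both from a Run key and as a service with no vendor string is worth checking before either entry is touched on its own.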
#2 | owen (D-A-L Team Member (UK), Loyal Contributor, joined Jun 2004, 5,272 posts) | 13-05-2005, 11:26 PM

If you still require help, could you post a fresh log? Thanks, and apologies about the response time.
All times are GMT +1.