Logfile of HijackThis v1.99.1
Scan saved at 6:02:03 PM, on 5/8/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:Program FilesNorton AntiVirusIWPNPFMntor.exe
C:WINDOWSSystem32nvsvc32.exe
C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
C:WINDOWSExplorer.EXE
C:WINDOWSAGRSMMSG.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesCommon FilesLogitechQCDriverLVCOMS.EXE
C:Program FilesRoxioEasy CD Creator 6DragToDiscDrgToDsc.exe
C:Program FilesRoxioEasy CD Creator 6AudioCentralRxMon.exe
C:Program FilesHewlett-PackardToolbox2.0Apache Tomcat 4.0webappsToolboxStatusClientStatusClient.exe
C:Program FilesMSN AppsUpdater01.02.3000.1001en-usmsnappau.exe
C:Program FilesJavajre1.5.0_01binjusched.exe
C:PROGRA~1MYWEBS~1bar1.binmwsoemon.exe
C:Program FilesiTunesiTunesHelper.exe
C:program fileszangozango.exe
C:Program FilesJavajre1.5.0_01binjucheck.exe
C:Program FilesiPodbiniPodService.exe
C:Program FilesRoxioEasy CD Creator 6AudioCentralPlaylist.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesHewlett-PackardToolbox2.0JavasoftJRE1.3.1binjavaw.exe
C:Program FilesMessengermsmsgs.exe
C:WINDOWSsystem32system.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesAIMaim.exe
C:Program FilesSamsungDigimax Viewer 2.1STImgBrowser.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:Program FilesInternet Exploreriexplore.exe
C:Documents and SettingsFamilyshell.exe
C:Program FilesInternet Exploreriexplore.exe
C:DOCUME~1FamilyLOCALS~1TempTemporary Directory 2 for hijackthis[2].zipHijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sp/*http://www.yahoo.com
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.tt/
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:Program FilesMyWebSearchSrchAstt1.binMWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:Program FilesMyWebSearchSrchAstt1.binMWSSRCAS.DLL
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpn0ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:Program FilesMyWebSearchbar1.binMWSBAR.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:Program FilesMSN AppsST01.02.3000.1002en-xustmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program FilesMSN AppsMSN Toolbar01.02.3000.1001en-usmsntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpn0ycomp5_5_7_0.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:Program FilesAIM ToolbarAIMBar.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program FilesMSN AppsMSN Toolbar01.02.3000.1001en-usmsntb.dll
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe /Consumer
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [LVCOMS] C:Program FilesCommon FilesLogitechQCDriverLVCOMS.EXE
O4 - HKLM..Run: [RoxioEngineUtility] "C:Program FilesCommon FilesRoxio SharedSystemEngUtil.exe"
O4 - HKLM..Run: [RoxioDragToDisc] "C:Program FilesRoxioEasy CD Creator 6DragToDiscDrgToDsc.exe"
O4 - HKLM..Run: [RoxioAudioCentral] "C:Program FilesRoxioEasy CD Creator 6AudioCentralRxMon.exe"
O4 - HKLM..Run: [statusClient] C:Program FilesHewlett-PackardToolbox2.0Apache Tomcat 4.0webappsToolboxStatusClientStatusClient.exe /auto
O4 - HKLM..Run: [TomcatStartup] C:Program FilesHewlett-PackardToolbox2.0hpbpsttp.exe
O4 - HKLM..Run: [msnappau] "C:Program FilesMSN AppsUpdater01.02.3000.1001en-usmsnappau.exe"
O4 - HKLM..Run: [sunJavaUpdateSched] C:Program FilesJavajre1.5.0_01binjusched.exe
O4 - HKLM..Run: [MyWebSearch Email Plugin] C:PROGRA~1MYWEBS~1bar1.binmwsoemon.exe
O4 - HKLM..Run: [iTunesHelper] C:Program FilesiTunesiTunesHelper.exe
O4 - HKLM..Run: [zango] c:program fileszangozango.exe
O4 - HKLM..Run: [Windows] system.exe
O4 - HKLM..RunServices: [Windows] system.exe
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [AIM] C:Program FilesAIMaim.exe -cnetwait.odl
O4 - HKCU..Run: [MyWebSearch Email Plugin] C:PROGRA~1MYWEBS~1bar1.binmwsoemon.exe
O4 - Startup: MyWebSearch Email Plugin.lnk = C:Program FilesMyWebSearchbar1.binMWSOEMON.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:Program FilesMyWebSearchbar1.binMWSOEMON.EXE
O8 - Extra context menu item: &AIM Search - res://C:Program FilesAIM ToolbarAIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZBzeb032YYTT
O8 - Extra context menu item: &Yahoo! Search - file:///C:Program FilesYahoo!Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:Program FilesYahoo!Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:Program FilesYahoo!Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_01binnpjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_01binnpjpi150_01.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:Program FilesYahoo!Messengeryhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:Program FilesYahoo!Messengeryhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:Program FilesAIMaim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/FunBuddyIconsFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1102455803468
O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/en/filesharingctrl.cab
O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - http://www.zango.com/GetZango/Download/zangoax.cab
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:Program FilesiPodbiniPodService.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:Program FilesNorton AntiVirusIWPNPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:Program FilesNorton AntiVirusSAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe