Logfile of HijackThis v1.99.1
Scan saved at 9:28:54 AM, on 5/28/2004
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\Cpqdiag\Cpqdfwag.exe
c:\orant\bin\oracle80.exe
C:\orant\BIN\TNSLSNR80.EXE
C:\Program Files\Common Files\Panda
Software\PavShld\pavprsrv.exe
C:\Program Files\IntraPort Client\vpn5000service.exe
C:\WINDOWS\System32\taskmgr.exe
C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\InternetExplorer,(Default) = www.google.com
R1 - HKCU\Software\Microsoft\InternetExplorer\Main,Search Bar =res://C:\WINDOWS\fwtdi.dll/sp.html#10001
R1 - HKCU\Software\Microsoft\InternetExplorer\Main,Search Page =res://C:\WINDOWS\fwtdi.dll/sp.html#10001
R1 - HKCU\Software\Microsoft\InternetExplorer\Search,SearchAssistant =res://C:\WINDOWS\fwtdi.dll/sp.html#10001
R1 - HKCU\Software\Microsoft\InternetExplorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\InternetExplorer\Toolbar,LinksFolderName = 
O2 - BHO: Class -{6F4B23DA-F796-90AD-CDF9-FF9C25D11F73} -C:\WINDOWS\mfcbq.dll
O3 - Toolbar: &Radio -{8E718888-423F-11D2-876E-00A0C9082467} -C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\CommonFiles\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [iTunesHelper] C:\ProgramFiles\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [hfyybbki]c:\windows\system32\hfyybbki.exe
O4 - HKLM\..\Run: [jjq623op] C:\ProgramFiles\jjq623op\jjq623op.exe
O4 - HKLM\..\Run: [etbrun]C:\windows\system32\elitehai32.exe
O4 - HKLM\..\Run: [sys10-859017304]C:\WINDOWS\sys10-859017304.exe
O4 - HKLM\..\Run: [SystemCheck]C:\WINDOWS\SysCheckBop32
O4 - HKLM\..\Run: [STOPzilla] C:\ProgramFiles\STOPzilla!\STOPzilla.exe /autostart
O4 - HKLM\..\Run: [WindowsUpdate]C:\WINDOWS\System\svchost.exe /s
O4 - HKLM\..\Run: [MSN Messenger]C:\WINDOWS\System32\msmsgs.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\ProgramFiles\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\ProgramFiles\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SRFirstRun] rundll32srclient.dll,CreateFirstRunRp
O4 - HKLM\..\Run: [ipyf32.exe]C:\WINDOWS\system32\ipyf32.exe
O4 - HKLM\..\Run: [SchedulingAgent] mstinit.exe/firstlogon
O4 - HKLM\..\RunServices: [CPQDFWAG]C:\WINDOWS\Cpqdiag\CpqDfwAg.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\ProgramFiles\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MyWebSearch Email Plugin]C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [sysmonnt]C:\WINDOWS\System32\sysmonnt
O4 - HKCU\..\Run: [Aarr] C:\Documents andSettings\SAPServiceTEK\Application Data\ueol.exeO4 - Global Startup: Microsoft Office.lnk = C:\ProgramFiles\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search -res://c:\programfiles\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links -res://c:\programfiles\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page- res://c:\programfiles\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages -res://c:\programfiles\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English -res://c:\programfiles\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Related -{c95fe080-8f5d-11d2-a20b-00aa003c157a} -C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links -{c95fe080-8f5d-11d2-a20b-00aa003c157a} -C:\WINDOWS\web\related.htm
O12 - Plugin for .pdf: C:\Program Files\InternetExplorer\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\Program Files\InternetExplorer\Plugins\NPDocBox.dll
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE}(TDServer Control) -http://www.kumudam.com/wfplayer/tdserver.cabO16 - DPF: {B4831DED-3A57-4CC6-9E4B-0E7C5B08DBF4} -http://www.alwaysupdatednews.com/install/aun_0009.exe
O16 - DPF: {D05F33E0-3F75-11D3-A176-006008944486}(Audible Words Codec) -http://download.audible.com/AM36/awrdscdc.cabO20 - Winlogon Notify: STOPzilla -C:\WINDOWS\SYSTEM32\IS3WLHandler.dll
O23 - Service: Network Security Service (NSS) (11F咪#泛闹`I) - Unknown owner -C:\WINDOWS\system32\ntag32.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner -C:\WINDOWS\System32\Ati2evxx.exeO23 - Service: Compaq Remote Diagnostics EnablingAgent (CpqDfwWebAgent) - Compaq Computer Corporation -C:\WINDOWS\Cpqdiag\Cpqdfwag.exeO23 - Service: iPod Service (iPodService) - AppleComputer, Inc. - C:\ProgramFiles\iPod\bin\iPodService.exeO23 - Service: LexBce Server (LexBceS) - LexmarkInternational, Inc. - C:\WINDOWS\system32\LEXBCES.EXEO23 - Service: OracleAgent80 - oracle -C:\orant\agentbin\DBSNMP.EXEO23 - Service: OracleClientCache80 - Unknown owner -:\orant\BIN\ONRSD80.EXE
O23 - Service: OracleDataGatherer - Unknown owner -C:\orant\bin\vppdc.exe
O23 - Service: OracleExtprocAgent - Unknown owner -C:\orant\BIN\EXTPROCT.EXE
O23 - Service: OracleServiceTEK - Oracle Corporation -c:\orant\bin\oracle80.exe
O23 - Service: OracleTNSListener80 - Unknown owner -C:\orant\BIN\TNSLSNR80.EXE
O23 - Service: Panda Process Protection Service(PavPrSrv) - Panda Software - C:\Program Files\CommonFiles\Panda Software\PavShld\pavprsrv.exe
O23 - Service: SAPOSCOL - Unknown owner -C:\usr\sap\TEK\sys\exe\run\SAPOSCOL.EXE
O23 - Service: SAPTEK_00 - SAP AG -C:\usr\sap\TEK\sys\exe\run\SAPSTARTSRV.EXE
O23 - Service: Symantec Network Drivers Service(SNDSrvc) - Symantec Corporation - C:\ProgramFiles\Common Files\Symantec Shared\SNDSrvc.exeO23 - Service: VPN 5000 Service 1.00.00(VPN5000Service) - Unknown owner - C:\ProgramFiles\IntraPort Client\vpn5000service.exe
O23 - Service: ZESOFT - Unknown owner -C:\WINDOWS\zeta.exe (file missing)