Logfile of HijackThis v1.99.1 Scan saved at 11:38:17 AM, on 6/21/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\csrss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe D:\WINDOWS\system32\spoolsv.exe D:\Program Files\Symantec AntiVirus\DefWatch.exe D:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe D:\Program Files\Symantec AntiVirus\SavRoam.exe D:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe D:\Program Files\Symantec AntiVirus\Rtvscan.exe D:\WINDOWS\Explorer.EXE D:\WINDOWS\System32\wuauclt.exe D:\Program Files\Common Files\Symantec Shared\ccApp.exe D:\PROGRA~1\SYMANT~1\VPTray.exe D:\Program Files\Microsoft AntiSpyware\gcasServ.exe D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe D:\Program Files\Messenger\msmsgs.exe D:\Program Files\Microsoft Office\Office\OSA.EXE D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE D:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe D:\WINDOWS\System32\wuauclt.exe D:\Documents and Settings\doug\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/ O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [Ink Monitor] D:\Program Files\EPSON\Ink Monitor\InkMonitor.exe O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] D:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [gcasServ] "D:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [SpySweeper] "D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray O4 - HKLM\..\RunOnce: [MicrosoftAntiSpywareCleaner] D:\Program Files\Microsoft AntiSpyware\gcASCleaner.exe O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = D:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: Microsoft Find Fast.lnk = D:\Program Files\Microsoft Office\Office\FINDFAST.EXE O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Office Startup.lnk = D:\Program Files\Microsoft Office\Office\OSA.EXE O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = allwestplasticsinc.local O17 - HKLM\Software\..\Telephony: DomainName = allwestplasticsinc.local O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = allwestplasticsinc.local O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = allwestplasticsinc.local O20 - Winlogon Notify: NavLogon - D:\WINDOWS\System32\NavLogon.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - D:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - D:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe O23 - Service: OracleiqmsClientCache - Unknown owner - d:\oracle\iqms\BIN\ONRSD.EXE O23 - Service: SAVRoam (SavRoam) - symantec - D:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - D:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - D:\Program Files\Symantec AntiVirus\Rtvscan.exe