Logfile of HijackThis v1.99.1
Scan saved at 7:45:20 PM, on 3/25/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINNT\System32\cisvc.exe
C:\WINNT\System32\svchost.exe
C:\PROGRA~1\Navnt\navapsvc.exe
C:\PROGRA~1\Navnt\npssvc.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\PROGRAM FILES\DELL\RESOLUTION ASSISTANT\COMMON\BIN\RxMon.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\PROGRA~1\Navnt\alertsvc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\cidaemon.exe
C:\WINNT\system32\ltmsg.exe
C:\Program Files\Dell\Resolution Assistant\Common\bin\RxUser.exe
C:\Program Files\Dell\Resolution Assistant\MotiveAssistant\bin\mad.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\PROGRA~1\Adaptec\DirectCD\directcd.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINNT\system32\spool\DRIVERS\W32X86\hpoopm07.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINNT\system32\debmcnfg.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\WINNT\isrvs\desktop.exe
C:\WINNT\system32\ap9h4qmo.exe
C:\PROGRA~1\Adaptec\EASYCD~1\CreateCD\CreateCD.exe
C:\WINNT\system32\csrbpupd.exe
C:\PROGRA~1\COMMON~1\zurf\zurfm.exe
C:\PROGRA~1\COMMON~1\zurf\zurfa.exe
C:\Program Files\CheckIt\86\CheckIt86.exe
C:\Program Files\Hewlett-Packard\HP OfficeJet G Series\bin\hpodev07.exe
C:\Program Files\Navnt\navapw32.exe
C:\Program Files\CxtPls\CxtPls.exe
C:\Program Files\Hewlett-Packard\HP OfficeJet G Series\FRU\Remind32.exe
C:\Program Files\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker1.exe
C:\PROGRA~1\HEWLET~1\HPOFFI~1\bin\hpoevm07.exe
C:\Program Files\Hewlett-Packard\HP OfficeJet G Series\bin\HPOSTS07.exe
C:\Program Files\Hewlett-Packard\HP OfficeJet G Series\bin\HPOFXM07.exe
C:\Program Files\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker0.exe
C:\Documents and Settings\Dennis & Jill Hall\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://searchbar.linksummary.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = +s
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - _{CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - (no file)
O2 - BHO: BTGrabObj Class - {00000000-F09C-02B4-6EC2-AD0300000000} - C:\WINNT\BTGrab.dll
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINNT\nem220.dll
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Program Files\CxtPls\cxtpls.dll
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINNT\systb.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RsyncHlpr Class - {16B238D5-80DE-47CE-8F17-B3ECE2C2248D} - C:\WINNT\system32\rsyncmon.dll
O2 - BHO: ohb - {22B720C7-5FA6-40A8-9F8F-8584BF669690} - C:\WINNT\system32\trgen.dll
O2 - BHO: ohb - {4D568F0F-8AC9-40AB-88B7-415134C78777} - C:\WINNT\system32\winb2s32.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: LinkTracker Class - {6A6E50DC-BFA8-4B40-AB1B-159E03E829FD} - C:\WINNT\system32\lmf32v.dll
O2 - BHO: CheckIt 86 - {82DF1118-9B92-45d8-B78F-1737A69A06E1} - C:\Program Files\CheckIt\86\CheckIt86.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: ohb - {CB5B2BC6-F957-4D8A-BE67-83F3EC58BA01} - C:\WINNT\system32\dsktrf.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Begin2Search.com Bar - {52FE5233-367C-4EFB-BDD7-0BE4D212C107} - C:\WINNT\system32\winb2s32.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [LTWinModem1] ltmsg.exe 9
O4 - HKLM\..\Run: [RxUser] C:\Program Files\Dell\Resolution Assistant\Common\bin\RxUser.exe
O4 - HKLM\..\Run: [madexe] C:\Program Files\Dell\Resolution Assistant\MotiveAssistant\bin\mad.exe
O4 - HKLM\..\Run: [NPS Event Checker] C:\PROGRA~1\Navnt\npscheck.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\Adaptec\DirectCD\directcd.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HPAIO_PrintFolderMgr] C:\WINNT\system32\spool\DRIVERS\W32X86\hpoopm07.exe
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\Hotbar\bin\4.5.0.0\WeatherOnTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RSync] C:\WINNT\system32\netsync.exe
O4 - HKLM\..\Run: [farmmext] C:\WINNT\farmmext.exe
O4 - HKLM\..\Run: [s39X3Fe] debmcnfg.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [Desktop Search] C:\WINNT\isrvs\desktop.exe
O4 - HKLM\..\Run: [ffis] C:\WINNT\isrvs\ffisearch.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [ap9h4qmo] C:\WINNT\system32\ap9h4qmo.exe
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker0] "C:\Program Files\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker0.exe"
O4 - HKLM\..\Run: [CreateCD] C:\PROGRA~1\Adaptec\EASYCD~1\CreateCD\CreateCD.exe -r
O4 - HKCU\..\Run: [Aush] C:\Documents and Settings\Dennis & Jill Hall\Application Data\tslo.exe
O4 - HKCU\..\Run: [d0q7RPKFj] csrbpupd.exe
O4 - HKCU\..\Run: [zurf] C:\PROGRA~1\COMMON~1\zurf\zurfm.exe
O4 - Startup: Hewlett-Packard Recorder.lnk = C:\Program Files\Hewlett-Packard\HP OfficeJet G Series\FRU\Remind32.exe
O4 - Global Startup: CheckIt 86.lnk = C:\Program Files\CheckIt\86\CheckIt86.exe
O4 - Global Startup: HPAiODevice.lnk = C:\Program Files\Hewlett-Packard\HP OfficeJet G Series\bin\hpodev07.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Norton AntiVirus AutoProtect.lnk = C:\Program Files\Navnt\navapw32.exe
O4 - Global Startup: Resolution Assistant.lnk = C:\Program Files\Dell\Resolution Assistant\MotiveAssistant\bin\matcli.exe
O8 - Extra context menu item: &iSearch The Web - res://C:\WINNT\system32\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Add To CheckIt &86 Trust List - C:\PROGRA~1\CheckIt\86\AddToTrustList.js
O8 - Extra context menu item: Ebates - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm
O9 - Extra button: (no name) - {2887F316-8C6C-47ae-A462-D2C9739D2C3D} - C:\PROGRA~1\CheckIt\86\CheckIt86.exe
O9 - Extra 'Tools' menuitem: CheckIt &86 - {2887F316-8C6C-47ae-A462-D2C9739D2C3D} - C:\PROGRA~1\CheckIt\86\CheckIt86.exe
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (HKCU)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/CursorManiaFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://www.maricopa.gov/assessor/gis/plugin/mgaxctrl.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?319
O18 - Filter: text/html - {950238FB-C706-4791-8674-4D429F85897E} - C:\WINNT\isrvs\mfiltis.dll
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINNT\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NAV Alert - Symantec Corporation - C:\PROGRA~1\Navnt\alertsvc.exe
O23 - Service: NAV Auto-Protect - Symantec Corporation - C:\PROGRA~1\Navnt\navapsvc.exe
O23 - Service: Norton Program Scheduler - Symantec Corporation - C:\PROGRA~1\Navnt\npssvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe
O23 - Service: Service Request Monitor - Dell Computer Corporation - C:\PROGRAM FILES\DELL\RESOLUTION ASSISTANT\COMMON\BIN\RxMon.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe