I have run adaware, spybot S&D, Norton Antivirus and can't find anything,
Any help is much appreciated
***************************************************
Logfile of HijackThis v1.99.1
Scan saved at 8:46:36 AM, on 7/21/05
Platform: Windows NT 4 SP6 (WinNT 4.00.1381)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\spoolss.exe
c:\apps\arcserve\ntagent\ntagent.exe
C:\WINNT\System32\nddeagnt.exe
C:\Program Files\SYMsm\arraymon.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\forbmon.exe
C:\WINNT\System32\llssrv.exe
C:\WINNT\system32\sfmsvc.exe
C:\PROGRA~1\Navnt\navapsvc.exe
C:\Program Files\VERITAS\NetBackup\bin\bpinetd.exe
C:\WINNT\System32\loadwc.exe
C:\WINNT\System32\HPJETDSC.EXE
C:\PROGRA~1\Navnt\npssvc.exe
C:\Program Files\Navnt\navapw32.exe
C:\Program Files\nsr\bin\nsrexecd.exe
C:\WINNT\System32\LOCATOR.EXE
C:\WINNT\system32\RpcSs.exe
C:\Program Files\SSH Communications Security\SSH Secure Shell Server\ssh2master.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\PROGRA~1\EXECUT~1\DISKEE~1\DkService.exe
C:\WINNT\System32\NMSSvc.exe
c:\winnt\system32\pstores.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\SSH Communications Security\SSH Secure Shell Server\ssh2server.exe
C:\PROGRA~1\Navnt\alertsvc.exe
C:\WINNT\System32\CMD.exe
C:\cygwin\bin\bash.exe
C:\WINNT\System32\taskmgr.exe
C:\WINNT\system32\EVENTVWR.EXE
C:\PROGRA~1\Plus!\MICROS~1\iexplore.exe
C:\hijack this\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
F2 - REG:system.ini: UserInit=userinit,nddeagnt.exe
O1 - Hosts: 134.174.168.105 iccb_ntone.med.harvard.edu #this server
O1 - Hosts: 134.174.168.121 bak.med.harvard.edu #Legato Backup server
O1 - Hosts: 134.174.168.136 scope-server.med.harvard.edu #Legaoto Backup server #2
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [BrowserWebCheck] loadwc.exe
O4 - HKLM\..\Run: [Norton Program Scheduler Event Checker] C:\PROGRA~1\Navnt\npscheck.exe
O4 - HKCU\..\Run: [HP JetDiscovery] HPJETDSC.EXE
O4 - Global Startup: diskmonitor.cmd
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Norton AntiVirus AutoProtect.LNK = C:\Program Files\Navnt\navapw32.exe
O13 - WWW. Prefix: http://
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = med.harvard.edu
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = med.harvard.edu
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = med.harvard.edu
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 134.174.141.2 128.103.209.240 128.103.100.201
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = med.harvard.edu
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = med.harvard.edu
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 134.174.141.2 128.103.209.240 128.103.100.201
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = med.harvard.edu
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 134.174.141.2 128.103.209.240 128.103.100.201
O23 - Service: Cheyenne Discovery Service (ASDiscoverySvc) - Unknown owner - C:\WINNT\System32\ASDscSvc.exe
O23 - Service: Client Agent for ARCserve - Cheyenne Software division of Computer Associates - c:\apps\arcserve\ntagent\ntagent.exe
O23 - Service: Disk Array Monitor - Unknown owner - C:\Program Files\SYMsm\arraymon.exe
O23 - Service: Diskeeper - Executive Software International - C:\PROGRA~1\EXECUT~1\DISKEE~1\DkService.exe
O23 - Service: Adaptec Failover Backup Monitor (forbmon) - Unknown owner - C:\WINNT\System32\forbmon.exe
O23 - Service: NAV Alert - Symantec Corporation - C:\PROGRA~1\Navnt\alertsvc.exe
O23 - Service: NAV Auto-Protect - Symantec Corporation - C:\PROGRA~1\Navnt\navapsvc.exe
O23 - Service: NetBackup Client Service (NetBackup INET Daemon) - VERITAS Software Corporation - C:\Program Files\VERITAS\NetBackup\bin\bpinetd.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINNT\System32\NMSSvc.exe
O23 - Service: Norton Program Scheduler - Symantec Corporation - C:\PROGRA~1\Navnt\npssvc.exe
O23 - Service: NetWorker Remote Exec Service (nsrexecd) - Legato Systems, Inc. - C:\Program Files\nsr\bin\nsrexecd.exe
O23 - Service: SSH Secure Shell 2 (SSHSecureShell2Server) - SSH Communications Security Corp - C:\Program Files\SSH Communications Security\SSH Secure Shell Server\ssh2master.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -log "*:EventLog:0" -log Connections:EventLog:100 -service (file missing)