Logfile of HijackThis v1.99.1
Scan saved at 11:32:19 AM, on 9/18/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
F:\Program Files\MessengerPlus! 3\MsgPlus.exe
F:\WINDOWS\System32\icasServ.exe
F:\PROGRA~1\CA\ETRUST~1\ETRUST~2\ca.exe
F:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe
F:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe
F:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
F:\WINDOWS\System32\RunDll32.exe
F:\WINDOWS\System32\RUNDLL32.EXE
F:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
F:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\System32\Tablet.exe
F:\WINDOWS\system32\ZoneLabs\vsmon.exe
F:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
F:\WINDOWS\System32\wuauclt.exe
F:\WINDOWS\System32\wpabaln.exe
F:\Program Files\MSN Messenger\msnmsgr.exe
F:\Program Files\AIM\aim.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\ewido\security suite\ewidoguard.exe
F:\Program Files\ewido\security suite\ewidoctrl.exe
F:\DOCUMENTS AND SETTINGS\MASTER\DESKTOP\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {72636281-D8C9-C82B-1CE1-CFD282C7B412} - F:\WINDOWS\System32\0gi70r51.dll (file missing)
O2 - BHO: (no name) - {FCF4CFFB-4EA6-497D-BE93-BBC6CDA9A095} - F:\WINDOWS\System32\mjln.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus3] "F:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [icasServ] F:\WINDOWS\System32\icasServ.exe
O4 - HKLM\..\Run: [Zone Labs Client] F:\PROGRA~1\CA\ETRUST~1\ETRUST~2\ca.exe
O4 - HKLM\..\Run: [CaAvTray] "F:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "F:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] F:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "F:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] F:\Program Files\Valve\Steam\\Steam.exe -silent
O4 - HKCU\..\Run: [AIM] F:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Adobe Gamma Loader.lnk = F:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Photags AutoDetect.lnk = F:\Program Files\PhoTags Express\Photags AutoDetect.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - F:\Program Files\AIM\aim.exe
O21 - SSODL: DCOM Server - {2C1CD3D7-86AC-4068-93BC-A02304BB8C34} - F:\WINDOWS\System32\dcom_9.dll
O21 - SSODL: hcUOSUXgWv - {7263627B-D8C9-C8D1-635D-BEE682C7B40F} - F:\WINDOWS\System32\razjo.dll
O23 - Service: Adobe LM Service - Unknown owner - F:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - F:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
O23 - Service: ewido security suite control - ewido networks - F:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - F:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TabletService - Wacom Technology, Corp. - F:\WINDOWS\System32\Tablet.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - F:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - F:\WINDOWS\system32\ZoneLabs\vsmon.exe