Logfile of HijackThis v1.99.0
Scan saved at 11:32:25 AM, on 1/3/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\System32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe
D:\Program Files\Creative\ShareDLL\CtNotify.exe
D:\WINDOWS\system32\oikkqc.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
D:\WINDOWS\System32\taskswitch.exe
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Program Files\Common Files\AOL\ACS\AOLDial.exe
D:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
D:\Program Files\Creative\SBLive\Launcher\CTLauncher.exe
D:\Program Files\The Cleaner\tca.exe
D:\Program Files\The Cleaner\tcm.exe
D:\Program Files\Creative\ShareDLL\MediaDet.Exe
D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
D:\PROGRA~1\COMMON~1\AOL\110346~1\EE\AOLHOS~1.EXE
D:\Program Files\OpenOffice.org1.1.3\program\soffice.exe
D:\PROGRA~1\COMMON~1\AOL\110346~1\EE\AOLServiceHost.exe
D:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
D:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
D:\WINDOWS\System32\CTsvcCDA.EXE
D:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
D:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\wanmpsvc.exe
D:\WINDOWS\System32\MsPMSPSv.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\WINDOWS\System32\HPZipm12.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\hjt\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www4.usbank....isplayLoginPage
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://usbank.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = D:\Program Files\AOL Toolbar\welcome.html
O2 - BHO: ZServObj Class - {00000000-C1EC-0345-6EC2-4D0300000000} - D:\WINDOWS\ZServ.dll (file missing)
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - D:\WINDOWS\systb.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {CC916B4B-BE44-4026-A19D-8C74BBD23361} - D:\WINDOWS\system32\msfaol.dll (file missing)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - D:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [HydraVisionDesktopManager] D:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe
O4 - HKLM\..\Run: [Disc Detector] D:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [iTunesHelper] D:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [vptray] D:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HostManager] D:\Program Files\Common Files\AOL\1103467581\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [CoolSwitch] D:\WINDOWS\System32\taskswitch.exe
O4 - HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AOLDialer] D:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "D:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Creative Launcher] D:\Program Files\Creative\SBLive\Launcher\CTLauncher.exe
O4 - HKLM\..\Run: [mjvniikdrutsb] D:\WINDOWS\system32\jyqhfyy.exe
O4 - HKLM\..\Run: [Win Server Updt] D:\WINDOWS\wupdt.exe
O4 - HKLM\..\Run: [tcactive] D:\Program Files\The Cleaner\tca.exe
O4 - HKLM\..\Run: [tcmonitor] D:\Program Files\The Cleaner\tcm.exe
O4 - Startup: OpenOffice.org 1.1.3.lnk = D:\Program Files\OpenOffice.org1.1.3\program\quickstart.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: officejet 6100.lnk = ?
O8 - Extra context menu item: &AOL Toolbar search - res://D:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://D:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://D:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://D:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\WINDOWS\System32\msjava.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - D:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - D:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {5D66B431-8A5B-4ECA-AED6-6F4F411E1773} (AOLLaunch Class) - http://www.disneybla...AOLLauncher.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comne...iveSecurity.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/.../GrooveAX25.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://download.toon...4.47/ttinst.cab
O23 - Service: AOL Connectivity Service - America Online - D:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor - America Online, Inc - D:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service - Unknown - D:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
O23 - Service: Ati HotKey Poller - Unknown - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: DefWatch - Symantec Corporation - D:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: iPod Service - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec AntiVirus Client - Symantec Corporation - D:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\System32\HPZipm12.exe
O23 - Service: WAN Miniport (ATW) Service - America Online, Inc. - D:\WINDOWS\wanmpsvc.exe
Thanks